Configuring the session timeout period
You can control the length of time users remain signed in to the Secure Endpoint Console during periods of inactivity. The Session timeout setting allows you to apply a consistent security policy across all users in your Absolute account.
The value you choose affects both security and user experience:
-
Security: Shorter timeouts reduce the risk of unauthorized access on shared or unattended devices.
-
User experience: Longer timeouts reduce the need for repeated sign-ins, which can benefit roles that involve extended periods of observation or review such as monitoring dashboards or analyzing lengthy reports.
By selecting a timeout that fits your organization’s needs, you can strike the right balance between protecting your data and maintaining your users' productivity.
Always ensure your chosen setting aligns with your organization’s broader security policies.
To configure the session timeout period:
-
Log in to the Secure Endpoint Console as a user with the Manage permission for Authentication. The System Administrator role is the only Default role with this permission.
-
On the navigation bar, click
Settings > 
Account. -
Under Login & Security, click the field next to Session timeout and do one of the following to set the number of minutes of inactivity allowed for a user session:
-
Enter the desired number of minutes directly in the numeric field.
-
Use the arrow controls to set the desired number of minutes.
The session timeout must be between 5 and 240 minutes. The default value is 20 minutes. -
-
Click outside the dialog to save your changes.
The new timeout applies to every user in your Absolute account. If a user’s browser session remains inactive for the specified period, the user is automatically signed out of the Secure Endpoint Console and prompted to log in again.
Whenever the Session timeout setting is changed, a Session timeout updated event is logged to Event History.
