Session timeout setting implemented for the community discourse application

Support
1

Could anyone please tell me of the ideal session timeout setting implemented for the community discourse application? We have observed that the application browser session remains open without logging out, even after 12 hours or more.

Thank you.

1 Like
2

In general, perhaps a year would be fine or enough. It is quite common practice to leave a tab of a browser open.

But if there are some privacy or security concerns, then perhaps a 30-minute timeout on inactivity would be good.

4 Likes
3

Can you tell how I can change it on discourse .like if i want to set this to 30 minutes

1 Like
4

Agreed. I don’t want to keep logging in.

If you want to change the settings @Jaskaran you can check out these site settings

image
image1390Ă—483 37 KB

2 Likes
5

No I can’t but AI claims this:

Changing User Logout Time in Discourse AI

Jagster:

Can I change the time when system forces an user logout?

gpt-4o:

Searching site settings

Found 0 results for 'session expiration'

Searching

Searching for: time when system forces a user logout

Reading

Read: How to automatically log out of the account when the user is not online

Look up site setting context

Reading context for: maximum_session_age

Yes, you can change the time when the system forces a user to log out by adjusting the maximum_session_age setting. This setting determines the maximum number of hours a user remains logged in since their last visit.

Steps to Change the maximum_session_age Setting

  1. Access the Admin Settings:

    • Navigate to your Discourse site.
    • Click on your profile picture in the top right corner.
    • Select “Admin” from the dropdown menu.
    • Go to “Settings” in the left-hand sidebar.

  2. Search for the Setting:

    • Use the search bar at the top of the settings page to search for maximum_session_age.

  3. Adjust the Setting:

    • The default value for maximum_session_age is 1440 hours (60 days).
    • You can set it to any value between 1 hour and 175200 hours (20 years).

  4. Save Changes:

    • After adjusting the setting, make sure to save your changes.

Example:

If you want to set the maximum session age to 30 hours, just change the value to 30.

Relevant Source:

You can find further details in the topic on How to automatically log out of the account when the user is not online.

For more technical details, you can refer to the maximum_session_age site setting context.

If you need any more assistance or have further questions, feel free to ask!

1 Like