User Sessions
You can view a list of all the users currently logged into your Sisense account in the Session Table.
The Sessions Tables provides the following information about the users currently logged into your Sisense account:
- Username : The Sisense username
- Name : The user’s first and last name
- Domain : The part of the user’s email address after the @ sign
- Current Sessions : The number of sessions the user has open
- Session Duration : The amount of time from the first session until now
The Session Table is useful for monitoring who is currently logged in and who might be abusing their license. For example, if you need to declare some downtime, you can view the currently logged in users and end their sessions manually by revoking their session.
If you believe that a user is abusing their license, you can check the Current Sessions column to see how many sessions they currently have open. Users can open multiple tabs in their browser to open multiple sessions, or by sharing their account information with other users. To view which users have the most sessions currently open, click the Current Sessions table heading.
Note:
User session in Sisense Mobile are not included in the Sessions table.
Revoking a Session
From the Session Table, you can revoke a user’s session. Revoking the session ends the user’s current session. It does not revoke the user’s API tokens.
When a user’s session ends, the next time the user tries to perform an action in Sisense, a message is displayed that the session has ended and your users are prompted to log in again.
To revoke a session:
-
In the Admin page, select Sessions Table.
-
Locate the relevant user in the Session table. You can click and enter the user’s information in the Search field to locate the user quickly. As you begin to type, the results are filtered.
-
For the relevant user, click and confirm that you want to revoke the session by clicking Revoke. The next time the user performs an action in Sisense, they are redirected back to the Login page.
Setting Session Inactivity Timeouts
When a user signs into Sisense, a session cookie is stored in their browser. The session cookie allows the user to remain logged in and authenticated even after ending a session for 7 days.
For security reasons, you may want to end your user’s session sooner. Sisense provides two methods for ending a user session, according to the user’s cookie or by the amount of session inactivity as recorded by Sisense.
When a user’s session ends, the next time the user tries to perform an action in Sisense, a message is displayed that the session has ended and your users are prompted to log in again.
After making any changes to your users’ session timeout settings, all of your users’ sessions are terminated and the user is asked to log in again.
If you have implemented SSO, your users will be logged out and redirected to the IdP to reauthenticate.
To set the session inactivity timeouts:
-
In Sisense, open the Admin page and select Security Settings.
-
In the Session Management area, select the method you want to use for defining when a user’s session ends:
Cookie : Allows you to define how much time must pass before a user’s session is ended according to the user’s cookie. This is the default behavior for Sisense.
- Expiration(days) : The amount of days that must pass for a user’s session to end. The default is 7 days. You can enter 0 so your users' sessions do no expire so long as they have the cookie.
- Show "Remember Me" checkbox on Login screen :Toggle to remove the Remember Me checkbox from the Login screen. Disabling this option means that if your user ends a session, they must log in again the next time they try to access Sisense.
-
Session Inactivity : Allows you to define how many minutes of inactivity must pass before a user or an Administrator is logged out.
Note:
By selecting this option, you can set a custom session timeout for your Sisense user groups. See Managing User Groups for more information.
- Default Inactivity Timeout (min.) : Determines how much time must pass before a user is logged out. The default is 30 minutes.
- Admin Inactivity Timeout (min.) : Determines how much time must pass before an Administrator is logged out. The default is 30 minutes.
- Click Save to save your changes.
.r.