Last Updated: Jan 9, 2025
Overview
This article explains how to demonstrate a documented timeout for Auth0 Dashboard authenticated sessions when accessing tenant settings for a compliance audit.
Applies To
- Timeouts
- Auth0 Dashboard
Solution
In the current Dashboard Session length, there are two sessions at play:
- The "
auth0.auth0.com"session is configured to expire after 3 days of inactivity or after 7 days since the last interactive login - This session applies to the Support Center (support.auth0.com), Community (community.auth0.com), docs (auth0.com/docs), main Auth0 website (auth0.com). - The Auth0 Dashboard session (from
manage.auth0.com). This one lasts 12 hours. This session plays if the Auth0 dashboard tab is left open. The session will be logged out after 12 hours, both from the Dashboard and from Auth0 (auth0.auth0.com). If the tab is closed, the default session lifetime is the 3-day rolling session, up to a maximum of 7 days.
If the user uses any available external identity providers to log in (like any social identity or an identity provider configured for SSO with the Auth0 Dashboard), then a third session is at play. For example, if Continue with Google is selected, Google will not prompt the user to log in if they are already authenticated with Google.
Q. Can the session duration be changed?
A. Not for public cloud. For private environments, the session duration can be configurable.
Q. Can the session change dynamically for a tenant/user?
A. No. It is the same for everyone.