Non-persistent Sessions Not Working

Problem Statement:

In our tenant we have non-persistent sessions enabled. But when the tab, window, or browser is closed and reopened, the session persists.

Solution:

There could be a couple reasons for sessions persisting. The browser being used, the browser settings, and the operating system all can affect this feature.

  • If the user has a session restore setting on the browser enabled, restoring the session also restores the session cookie.
  • Additionally closing the tab by itself is not enough to end the session. For example on MacOS, the browser needs to be completely closed with command + Q.
  • If the session was created through a federated IdP connection, this feature will not work.

Reference:

1 Like