G Suite Session Timeout
Most frequent questions and answers about G Suite Session Timeout Control
No, when you change the session length in Google admin console (as shown above), then settings only apply to new sessions.
All users with an active sessions will “Not” be impacted by it, however once they “logout” OR “their 14 days default session expires”, then the new session length will be enforced.
Yes, workaround is to reset required user’s sign in cookies.
You can do that by following-;
- Search for the user in admin console
- Go to user’s account page
- Scroll down to see “Reset Sign In” cookies (as shown in the screenshot below)
Please note -: This will log the user out from all active sessions include the mobile app such as Gmail App on Android or iOS.
So be careful, I recall once I accidentally did it to our client’s CEO’s account and he had to login again to all his 6 devices, that was a tough day for me:).
No, it does not apply on G Suite mobile apps (e.g Gmail or Drive app on Android and iOS).
So, let say, if you configure session to be 8 hours, users on mobile devices with native G Suite apps will “NOT” need to enter their password every 8 hours which is good else it’ll be a nightmare:).
Though at the time of initial launch of session control, it was only supported where Google was acting as IDP, but just after couple of weeks, Google enhanced its session control and now it applies on SAML based authentication too where Google isn’t acting as authentication provider.
So if you are using a third party IDP (e.g Okta, Ping Identity or ADFS), this setting will now apply to those G Suite sessions too.
G Suite Admin session timeout is “One Hour”, and as its a persistent one, which means closing the browser won’t impact the session but one hour time would.
So far following static options are available to control sessions-:
Session Never Expires
Other G Suite Admin related posts you may like.
You probably already know that you can use G mail