All systems operational

Sessions & Email Verification

Understand session handling and email verification. Users can end all their sessions; session lifetime is platform-managed.

#Purpose

Help users control their sessions and verify their identity.

#When to use this

When a device is lost, an account may be compromised, or an email needs verifying.

#At a glance

DetailValue
Required permissionsUsers manage their own sessions
Administrator levelAdmin supports; platform-managed
Portal areas usedAccount (sign-out everywhere), Authentication (email verification)

#Step by step

1

Verify email when prompted

Users confirm ownership of their address where required.
2

End sessions if needed

A user can sign out of all devices from account settings.
3

Re-sign in

They sign in again where they still need access.

#Approval points

No formal approval gate

This administrative action does not require a separate sign-off, but review carefully before applying changes.

#Security notes

Security considerations

  • Configurable org session-timeout is not available today (platform-managed); use log-out-of-all-devices for compromised accounts.
  • Verify email changes to keep account recovery reliable.

#Best practices

  • Sign out of all devices after any suspected compromise.
  • Keep verified emails current.

#Common mistakes

  • Assuming an admin can set session timeouts.
  • Ignoring email verification prompts.

#Troubleshooting

If this happensTry this
A device still seems signed inHave the user sign out of all devices, then change the password.

#FAQ

Can I set how long sessions last?

Session lifetime is platform-managed; org-configurable timeouts are not available today.

#Keep exploring

#Business modules & workflows

Still need help?

Can’t find what you’re looking for? The DevSphere OS team is happy to help.