Sessions & Email Verification
Understand session handling and email verification. Users can end all their sessions; session lifetime is platform-managed.
#Purpose
Help users control their sessions and verify their identity.
#When to use this
When a device is lost, an account may be compromised, or an email needs verifying.
#At a glance
| Detail | Value |
|---|---|
| Required permissions | Users manage their own sessions |
| Administrator level | Admin supports; platform-managed |
| Portal areas used | Account (sign-out everywhere), Authentication (email verification) |
#Step by step
1
Verify email when prompted
Users confirm ownership of their address where required.
2
End sessions if needed
A user can sign out of all devices from account settings.
3
Re-sign in
They sign in again where they still need access.
#Approval points
No formal approval gate
This administrative action does not require a separate sign-off, but review carefully before applying changes.
#Security notes
Security considerations
- Configurable org session-timeout is not available today (platform-managed); use log-out-of-all-devices for compromised accounts.
- Verify email changes to keep account recovery reliable.
#Best practices
- Sign out of all devices after any suspected compromise.
- Keep verified emails current.
#Common mistakes
- Assuming an admin can set session timeouts.
- Ignoring email verification prompts.
#Troubleshooting
| If this happens | Try this |
|---|---|
| A device still seems signed in | Have the user sign out of all devices, then change the password. |
#FAQ
Can I set how long sessions last?
Session lifetime is platform-managed; org-configurable timeouts are not available today.
#Keep exploring
#Related admin guides
#Business modules & workflows
Getting Started
Initial setup.
Platform Overview
How the OS fits together.
Knowledge Base
Task-level how-tos.
Business Workflows
End-to-end processes.
Still need help?
Can’t find what you’re looking for? The DevSphere OS team is happy to help.
Was this page helpful?