This article explains how user sessions are managed in the Frisbii Media SSO, including session lifetime, automatic renewal, and expiration behavior.
Session Behavior
Active Sessions Without Logout
When a user logs in without explicitly logging out, their session remains active. Simply closing the browser does not terminate the session. The user will remain logged in when they reopen the application.
Session Lifetime
Sessions have a default lifetime of 14 days. Each time the user interacts with the application, the session is automatically renewed, extending the lifetime from that point.
If the user selects the "Stay logged in" checkbox during login, the maximum session lifetime is extended to 30 days.
Automatic Expiration
If no activity occurs within the defined session lifetime (14 or 30 days, depending on the login option selected), the session expires automatically. The user must log in again to access the application.
Multiple Sessions
Multiple Sessions Per Device
Users can have multiple active sessions on the same device when using different browsers. For example:
one session in Google Chrome
another session in Mozilla Firefox
This is expected behavior and does not indicate an issue.
You can define the amount of parallel logins in the Merchant Backend under Settings → Applications → SSO in the Settings tab.
In the customer account in the “Sessions” tab, you can view all active sessions and manually remove them if there are too many active sessions or to terminate specific sessions for security reasons.
Multiple Sessions Within One Browser
Only one user session should exist per browser session.
If multiple user sessions are created within a single browser session unintentionally, this likely indicates an integration issue that should be investigated. This behavior is not expected under proper implementation.