Active Sessions
Active Sessions
Amorphic's Active Sessions feature provides robust support for user-authenticated device tracking, enhancing user management and security capabilities. This enhancement empowers users by enabling them to monitor the devices utilized for their logins, thereby providing heightened transparency and control over user authentication and security protocols. This feature equips users with valuable insights into their login activities, streamlining the process of monitoring and managing their authenticated devices with ease.
- When Morph is enabled, the active sessions feature will remain disabled.
- When any identity provider (IDP), such as Okta or Azure AD, is enabled within Amorphic, the active sessions feature will not be activated.
Global Signout
The Global Signout feature allows authorized users, including administrators, to initiate a global signout operation for a specific user or for themselves. When triggered, this feature logs the user out of all active sessions and effectively invalidates all remembered devices, providing an enhanced security measure. An administrator with the users.update permission can initiate a global signout for any user and a user can trigger a global signout for their own user ID. Global sign-out invalidates all refresh tokens for a user, while the user's ongoing access and ID tokens maintain their validity until their expiration. So, upon executing a global sign-out for a different user, their session may remain active for up to one hour.