Welcome to Gimasys!
Hotline: +84 974 417 099 (HCM) | +84 987 682 505 (HN) gcp@gimasys.com
Blog

Control session time of businesses using SAML

What’s new:: In March, Google released G Suite Business, Enterprise and Education admin permission settings specify the duration of the web session – Session length controll for Google services (for example, four hours, seven days, or infinity). At the time, this setting only applied to domains for which Google was responsible for credentials (i.e., where Google was an Identity provider). Google is now expanding the reach of this setting, making it possible for domains associated with another Identity Provider (IdP) using SAML to still control access duration.

 

Control session time access to G Suite apps

 

Note that these settings apply to all desktop web browser sessions, as well as some mobile browser session. Mobile-specific apps, like Gmail for Android and iOS, are unaffected by these settings.

 

May 7, 2018: Clear session-based cookies

 

Previously, to be able to control the duration of sessions for G Suite customers' preferred IdP providers, Google set cookies for sessions by associating these sessions with another IdP via SAML under transient or session. These cookies are designed to expire whenever the browser is closed, meaning the user will again be redirected to their primary IdP whenever they reopen the browser and visit a Google website. .

 

However, over time, this behavior has become increasingly inconsistent across browsers. Google sees that G Suite admins are better served with more explicit session length controls, like the ones Google just launched. Unlike session cookies, these controls apply to whatever browser the user uses.

 

With this in mind, Google will delete session cookies that a G Suite user has associated with another IdP via SAML on May 7, 2018. Please consider this. custom session duration settings for the business if its workflow depends on it.

 

Repeat previous actions

If sessions end when a browser is closed, and you find it extremely important to repeat your previous actions, you can change the browser settings on the affected devices, to The goal is to delete all local data when exiting that browser. Instructions for setting up Chrome settings can be found at this. To make this policy cross-device, you can use multiple policies for Chrome to build transient modes.

 

Updated: Gimasys

Related Posts

Back To Top
phone number
0974 417 099