Requirement is to set max session age/duration such that if a certain time is elapsed user would need to reauthenticate irrespective of whether their session is active or not. The session should terminate and user should automatically be logged out and would need to authenticate again to login.

Currently, we have Idle session duration parameter in Authentication policy that track how long members can be inactive before logging them out.