Uploaded image for project: 'Jira Platform Cloud'
  1. Jira Platform Cloud
  2. JRACLOUD-74919

When logging in Jira from the mobile app the session does not expire

XMLWordPrintable

      Issue Summary

      If a user logs into Jira from the mobile app the session does not have an inactivity time out as it happens for browser sessions

      Steps to Reproduce

      1. log into Jira Cloud from the mobile app
      2. leave it idle for ... any time
      3. you will not be logged out

      Expected Results

      One would expect that there is an inactivity timeout of some sort. This could be the same as the browser defined timeout at the organization level, or a specific timeout for mobile sessions, considering that mobile experience is different and users are not used to be timed out. In any case no timeout at all is a serious security problem (one that is becoming more and more critical following the COVID crisis)

      Actual Results

      The user is never logged out

      Workaround

      The only available workaround for the Admin seems to be to deactivate the user. 1h after deactivation the user will be kicked out of the mobile session

              vsvidersky Vlad Svidersky
              giannazzo Giulio Iannazzo
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated:
                Resolved: