Signing out of all active sessions

You can log out of all sessions for a specific account or service in IFS Cloud by selecting "Sign out all active sessions" from the Command list. This invalidates all cookies, so users must log in again in any active browser session that requires authentication.

This action is available only to users with the AUTH_ADMINISTRATOR system privilege.

IMPORTANT: Clicking "Sign out of all active sessions" does not invalidate outstanding access tokens. Outstanding tokens must expire naturally. It is therefore recommended that access tokens have a shorter lifespan. Refer to the security recommendations for more information.
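
The gap described in the note above, as an added illustration (not IFS Cloud code): a small model in which sign-out clears server-side sessions while self-contained access tokens keep validating until they expire. The token format, the HMAC key, the timeline, and every name here are assumptions made for the model; `residual_window` shows how the token lifespan bounds the exposure that remains after sign-out.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed signing key, for this model only

def issue_token(user, issued_at, lifespan_s):
    """Return a self-contained token 'user|exp|mac' (hypothetical format)."""
    body = f"{user}|{issued_at + lifespan_s}"
    mac = hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{mac}"

def token_valid(token, now):
    """Stateless check: signature and expiry only, no session lookup."""
    body, _, mac = token.rpartition("|")
    expected = hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return False
    return now < int(body.split("|")[1])

class SessionStore:
    def __init__(self):
        self.sessions = {}  # cookie value -> user

    def login(self, cookie, user):
        self.sessions[cookie] = user

    def cookie_valid(self, cookie):
        return cookie in self.sessions

    def sign_out_all(self, user):
        """Drop every server-side session for the user; their cookies go invalid."""
        self.sessions = {c: u for c, u in self.sessions.items() if u != user}

def residual_window(tokens, sign_out_at):
    """Seconds after sign-out during which at least one token still validates."""
    expiries = [int(t.split("|")[1]) for t in tokens]
    return max(0, max(expiries, default=sign_out_at) - sign_out_at)

def demo():
    store = SessionStore()
    store.login("cookie-A", "alice")
    store.login("cookie-B", "alice")
    # Constructed timeline: tokens issued at t=0 and t=200, sign-out at t=300.
    long_lived = [issue_token("alice", 0, 3600), issue_token("alice", 200, 3600)]
    short_lived = [issue_token("alice", 0, 300), issue_token("alice", 200, 300)]
    store.sign_out_all("alice")
    return {
        "cookie_after": store.cookie_valid("cookie-A"),
        "token_after": token_valid(long_lived[1], 301),
        "window_3600s": residual_window(long_lived, 300),
        "window_300s": residual_window(short_lived, 300),
    }
```
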

When to Sign Out Active Sessions

An admin might need to sign out all active sessions for users in an organization for various security and administrative reasons. Here are key situations when an admin should consider signing out all active sessions:

1. Security Breach or Incident Response

  • Scenario: A security breach, phishing attack, or unauthorized access is detected within the organization.
  • Action: Signing out all active sessions helps to mitigate the impact and prevent further unauthorized access, giving admins time to investigate and address the issue.

2. Password Policy Changes or Account Compromise

  • Scenario: Passwords are compromised, or there’s a mandatory password reset for all users due to updated security policies.
  • Action: Signing out of all sessions ensures that users must log back in with new credentials, enhancing security.

3. User Account Termination or Suspension

  • Scenario: An employee leaves the organization, or a user’s account needs to be suspended temporarily due to policy violations or security concerns.
  • Action: Signing out of all active sessions immediately revokes access to company resources, ensuring that former employees or suspended users cannot access sensitive information.

4. Device Loss or Theft

  • Scenario: A company device is lost or stolen.
  • Action: Signing out of all sessions from that user’s account prevents potential data theft from compromised devices.

5. Enforcing Two-Factor Authentication (2FA)

  • Scenario: The organization is implementing 2FA, and users need to authenticate with the new method.
  • Action: Signing out all sessions forces users to log in again, ensuring that 2FA is correctly enforced.

6. Regular Security Audits and Compliance

  • Scenario: During routine security audits or compliance checks, admins might need to verify access control mechanisms.
  • Action: Periodically signing out all active sessions helps maintain a clean security posture and ensures compliance with organizational policies.

7. System or Application Updates

  • Scenario: Significant updates to systems, applications, or security settings have been made.
  • Action: Signing out all sessions ensures that users reconnect under the latest security and configuration settings.

8. Credential Sharing Detected

  • Scenario: Credentials are detected or suspected to be shared among unauthorized users.
  • Action: Signing out all sessions helps enforce individual accountability and secure access control.

9. Data Migration or Platform Change

  • Scenario: Moving to a new platform or system where user re-authentication is necessary.
  • Action: Signing out helps ensure that users connect securely to the new environment.

10. Preventing Unauthorized Access in High-Risk Situations

  • Scenario: High-risk situations like layoffs, restructuring, or incidents where tensions could lead to data theft or sabotage.
  • Action: Signing out all sessions helps control access and maintain data security during sensitive periods.