Auto logout after period of inactivity
Create option to auto-logout from portal after period (configurable) of inactivity.

10 comments
-
Paulie commented
This control is a FISMA requirement. Please implement in Azure Gov ASAP.
Thanks Paul
-
Martin Schvartzman commented
This option is now available in the Azure portal for Tenant/directory administrators.
Click the portal settings (gear) icon and then click the 'Configure directory level timeout'. Enable the feature, set a time span (hours and minutes) and click Apply.
Once configured, the changes will take effect after a logout/login and all users of the tenant will see a message in the portal settings pane. -
Aravind Katragadda commented
Please implement soon.
-
CarlosG commented
Nice to have.
-
AndyB commented
It is a security requirement for our organization. Please include this change in a global setting.
-
Pat commented
It would be great to be able to base this off roles and groups too. For example on our normal user accounts we have limited prod access and could be more lenient on the timeout. On our separate admin accounts with elevated access it would be great to be able to have a fairly restrictive policy. Especially on co-administrator and global administrator accounts.
-
Donnie Byrd commented
I agree this should be a global setting. We came across this issue during a PCI compliance audit.
-
[Deleted User] commented
Agree, there should be a global inactivity setting for it.
We just got a pen test report which said that the auditor had inactivity sign out set to Never (the default).
I would like to change it to at the AD level to 5 minutes.
How to do this?
-
Anonymous commented
It is a security requirement for many organizations to enforce inactivity timeout periods for users/administrators in on-premises, hybrid, and Azure environments; however, it is not possible to meet this security requirement when it comes to the Azure Portal and this is a problem. If security is a priority please make that option available.
-
Joseph Baber commented
Can we get a global setting for inactive logouts for our entire account?