By default, Intercom web sessions are designed to remain active as long as there is activity within a 4-day period. While this provides convenience and uninterrupted access for teammates, it may not align with the security requirements of your organization.
Longer session durations can pose a security risk, especially if a teammate's device is lost, stolen, or compromised. Custom session lengths minimize this risk by shortening the window in which a session can be hijacked by unauthorized users.
Enable custom session lengths
You can set up custom session lengths in your Security settings under Workspace Security Settings.
Toggle the setting on via the "Force teammates to re-authenticate after a set period of time" switch under Workspace access restrictions.
Choose a preferred session length from the dropdown menu and click Save to apply the changes.
Important
If a teammate belongs to multiple workspaces with different session timeouts, the shortest timeout will be applied even if some workspaces do not have the setting enabled.
For workspaces utilizing SAML for authentication, the session timeout set by the identity provider will be prioritized, with the custom session length serving as a fallback.
The "Keep me signed in" option on the login page will be overridden if any workspace the teammate is part of has a custom session length set.
💡Tip
Need more help? Get support from our Community Forum
Find answers and get help from Intercom Support and Community Experts