Setting to limit session time for users logged into n8n management console [GOT CREATED]

The idea is:
To have a session timeout setting where users are force to log back in after a desired time has elapsed.

My use case:
Complying with internal compliance requirements.

I think it would be beneficial to add this because:
it would improve the security posture of the product.

Are you willing to work on this?
I do not have the coding experience to implement this.

Hey @Hidden_Squid I’m pleased to say we’ve now added support for setting a custom session timeout as of version 1.26.0. We’ve introduced two new environment variables to configure this which are:

N8N_USER_MANAGEMENT_JWT_DURATION_HOURS - This sets the expiration for the JWTs in hours.

N8N_USER_MANAGEMENT_JWT_REFRESH_TIMEOUT_HOURS - This controls how many hours before the JWT expires to automatically refresh it.

For more details on how to configure these and other variables, check out the environment variables docs.

1 Like