Last Updated on March 20, 2022 by Rakesh Gupta
Unlike any other application, the System administrator can cancel users’ sessions. Now users with View Setup and Configuration permission can easily view user sessions and, if necessary for security or other reasons, end sessions (It’s required View All Data user permission) from the same page.
The User Session Information page allows you to view active sessions, view session details for an organization, and create different views of the data. You can also view details about a user associated with a specific session, and end suspicious sessions if required. This feature is available in Developer, Performance, Enterprise, Professional, Contact Manager, Group, Unlimited, and Database.com editions.
Let’s take a pause here, familiar yourself with the AuthSession objects in Salesforce. The AuthSession object represents an individual user session in your organization.
|Created||The date and time stamp of when the session began.|
|Login Type||The type of login associated with the session. Some login types include Application, SAML, and Portal.|
|Session Type||The type of session the user is logged into. For example, common ones are UI, Content, API, and Visualforce.
UI:- Created when using a user interface page.
|Source IP||The IP address is associated with the session.|
|User Type||The profile type is associated with the session.|
|Username||The username is used when logged into the session. You can click the username to go to that person’s profile page.|
|Updated||The date and time stamp of the last session was updated because of the activity. For example, during a UI session type, users make frequent changes to records and other data as they work. With each change, both the Updated and Valid Until date and time stamps are refreshed.|
|Valid Until||The date and time stamp of when the session expires if you don’t end it. In my case it’s 2hours From created or updated whichever is earlier) as I set the session timeout value to 2hours. To check yours follow the path Setup | Security | Session Settings|
Remove user’s Session
To remove a user’s session perform the below steps:
- Click on Setup | Security | Session Management.
- On the User Session Information page, you can view existing user session details, like the below screenshot
- To end a session select the check-box for one or more sessions and click the Remove button.
- Whenever the user whose session was killed, is trying to access anything by clicking, Salesforce will redirect a user to the login page.
Note:- Non-administrators can see their own session information while administrators can view all user sessions for an organization.
I want to hear from you!
What is one thing you learned from this post? How do you envision applying this new knowledge in the real world? Feel free to share in the comments below.