A session lifetime defines a session duration. Session lifetime is an important security feature because it prevents administrators from keeping sessions open indefinitely, leaving them vulnerable to unauthorized access. When you edit a session lifetime, you can change settings such as the maximum session lifetime, and how long a session can be idle before the system closes it.
Each time an administrator logs on to the Security Console, Operations Console, or Self-Service Console, the following sessions are created:
The Console and Command API Session settings control the authenticated or active sessions for administrators in the web-based consoles or the command application programming interface (API). The default settings are 30 minutes idle time-out and 8 hours of total lifetime.
The Authentication Manager web-based administrative consoles are the Security Console and the Operations Console. The command API is used by programmers, web developers, or systems engineers responsible for developing custom software applications that interact with the Authentication Manager system. For information on the command API, see the RSA Authentication Manager Developer’s Guide.