Session model and concurrency rules
Session duration
Sessions expire after 30 minutes of inactivity. An active session is refreshed as the user continues to interact with the platform. When a session expires, the user is prompted to sign in again.
Single-session enforcement
Each user can have only one active session at a time. The platform uses a browser fingerprint to identify the session.
- Same browser/device: Re-logging in on the same browser replaces the old session seamlessly.
- Different browser/device: If a user attempts to log in from a second location while a session is already active, the login is rejected with a message. The user must end the existing session before logging in elsewhere.
Concurrent user limits
Each account may have limits configured on how many users can be simultaneously logged in:
- Basic users (role: User or Embed Only): governed by the account’s
limitUserBasicsetting. - Advanced users (roles: Admin or Designer): governed by the
limitUserAdvancedsetting.
If the limit is reached for a user’s type, the login is rejected with an appropriate message. Contact your platform support team to adjust these limits.