Skip to main content

Change interface security settings

Contributors netapp-madkat
PDFs

The interface security settings let you control whether users are signed out if they are inactive for more than the specified amount of time and whether a stack trace is included in API error responses.

Before you begin
About this task

The Security settings page includes the Browser inactivity timeout and Management API stack trace settings.

Browser inactivity timeout

Indicates how long a user's browser can be inactive before the user is signed out. The default is 15 minutes.

Browser inactivity timeout is also controlled by the following:

  • A separate, non-configurable StorageGRID timer, which is included for system security. Each user's authentication token expires 16 hours after the user signs in. When a user's authentication expires, that user is automatically signed out, even if browser inactivity timeout is disabled or the value for the browser timeout has not been reached. To renew the token, the user must sign back in.

  • Timeout settings for the identity provider, assuming single sign-on (SSO) is enabled for StorageGRID.

    If SSO is enabled and a user's browser times out, the user must reenter their SSO credentials to access StorageGRID again. See Configure single sign-on.

Management API stack trace

Controls whether a stack trace is returned in Grid Manager and Tenant Manager API error responses.

This option is disabled by default, but you might want to enable this functionality for a test environment. In general, you should leave stack trace disabled in production environments to avoid revealing internal software details when API errors occur.

Steps

  1. Select CONFIGURATION > Security > Security settings.

  2. Select the Interface tab.

  3. To change the setting for browser inactivity timeout:

    1. Expand the accordion.

    2. To change the timeout period, specify a value between 60 seconds and 7 days. The default timeout is 15 minutes.

    3. To disable this feature, unselect the checkbox.

    4. Select Save.

      The new setting doesn't affect users who are currently signed in. Users must sign in again or refresh their browsers for the new timeout setting to take effect.

  4. To change the setting for Management API stack trace:

    1. Expand the accordion.

    2. Select the checkbox to return a stack trace in Grid Manager and Tenant Manager API error responses.

      Caution Leave stack trace disabled in production environments to avoid revealing internal software details when API errors occur.

    3. Select Save.