How long is the session duration for Amplify global passwords?

Question

I have a static website deployed through Amplify, and have a global password enabled via the access control settings. What I'm trying to find out it is, after what amount of time of inactivity/not visiting the site will the site prompt a visitor to re-enter the password after they've already entered it?

Thank you.

Accepted Answer

Typically, session durations are set based on the specifics of the underlying implementation, which might be related to cookies or session tokens. For most basic authentication setups like the one provided by AWS Amplify, session expiration might default to standard browser session handling, or until the browser window is closed. In some systems, there may be a preset timeout for security purposes, often ranging anywhere from 30 minutes to several hours.

Answer

It's not letting me reply to your answer for some reason, but thank you so much, Oleksii!

How long is the session duration for Amplify global passwords?

相關內容