You can enable idle timeout for Webex App for web users, so they are signed out of their account after a specified amount of time. This applies to both in-network and off-network Webex App for web users.
Overview
You can choose different idle timeouts for in-network or off-network Webex App for web users. In-network users are connected to your organization's network, whereas off-network users are not.
The steps in the Turn on idle session timeout for off-network users section are the only ones required if you want to use one idle session timeout for all users in your organization.
If you enter a valid cross-origin resource sharing (CORS), then you can specify different idle session timeouts for in-network and off-network users.
You can set the following values for an idle timeout:
-
0—There is no timeout and sessions remain open until the user signs out
-
30 minutes
-
1 hour—This is the default value for in-network and off-network users
-
2 hours
-
4 hours
-
8 hours
-
12 hours
Turn on idle session timeout for off-network Webex App for web users
| 1 | Sign in to Control Hub, then under Management, select Organization Settings. |
| 2 | In the Idle Timeouts section, toggle on Webex web client idle timeout. |
| 3 | Below Off network, select the amount of time that off-network Webex App for web users can stay idle. |
Turn on idle session timeout for in-network Webex App for web users
| 1 | Sign in to Control Hub, then under Management, select Organization Settings. |
| 2 | In the Idle Timeouts section, toggle on Webex web client idle timeout. |
| 3 | Enter a URL that allows CORS requests from web.webex.com. |
| 4 | Below In Network, select the amount of time that in-network Webex App for web users can stay idle. |
Testing for in-network users
CORS is a service that allows your web server to provide resources to websites outside of your domain. When users sign in to web.webex.com, their browser is notified to make a CORS request to the URL that you provide. If that request succeeds, it shows that they are in your network. If the request fails, web.webex.com treats them as if they are off your network.
If you select an idle session timeout for in-network users, then you must provide a URL for a web server within your network that allows CORS requests from web.webex.com. This web server can’t be accessible from the public Internet.
 | CORS URLs are case-sensitive. |
Your CORS site needs to allow sharing with web.webex.com. The following example shows acceptable CORS entries in that server’s configuration:
access-control-allow-origin: web.webex.comaccess-control-allow-origin: *You can use tools like postman to check or verify the access-control-allow-origin setting, or you can use this curl command:
curl -H "Origin: https://web.webex.com" --verbose {your_CORS-enabled-site_Url} 2>&1 | grep "access-control-allow-origin" If the URL you enter does not allow CORS access with web.webex.com, then the in-network connectivity test fails. Users will be determined to be off-network, even if they are connected to your organization’s network.
| Configuring a CORS URL is optional. |
If you enable idle timeout for in-network users and don't provide a CORS URL, or the CORS URL fails the network connectivity test, then the duration you select for off-network users is applied to in-network users.
For more information about adding CORS support to your server, see https://enable-cors.org/server.html.
