How long is the session duration for Amplify global passwords?


I have a static website deployed through Amplify, and have a global password enabled via the access control settings. What I'm trying to find out it is, after what amount of time of inactivity/not visiting the site will the site prompt a visitor to re-enter the password after they've already entered it?

Thank you.

asked 2 months ago120 views
2 Answers
Accepted Answer

Typically, session durations are set based on the specifics of the underlying implementation, which might be related to cookies or session tokens. For most basic authentication setups like the one provided by AWS Amplify, session expiration might default to standard browser session handling, or until the browser window is closed. In some systems, there may be a preset timeout for security purposes, often ranging anywhere from 30 minutes to several hours.

profile picture
answered 2 months ago
profile pictureAWS
reviewed 2 months ago

It's not letting me reply to your answer for some reason, but thank you so much, Oleksii!

answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions