What are Timeout Settings in D365?

With the timeout settings, users can upgrade security to customer-facing apps like Dynamics 365 Sales, Dynamics 365 Customer Service, Microsoft Dynamics 365 Field Service, Microsoft Dynamics 365 Marketing, and Microsoft Dynamics 365 Project Service Automation to make them safer to use, helping them with session and access control.

Controlling When a User’s Session Times out.

In this update, we get rid of the 24-hour session cap. This implies that if a user opens a customer interaction app and another Microsoft service app, like Outlook, inside the same browser session over 24 hours, the system will not prompt the user to sign in again.

Comply with the Microsoft 365 Active Directory Session Policy.

The timeout setting for the customer attachment applications is handled automatically by the Azure Active Directory (Azure AD). The Policy Check Period (PCP) claims of the Microsoft Azure password token are used by apps that interact with customers.

Without requiring user interaction, Azure AD’s immediate policy is always enforced, and the latest Microsoft Azure ID token is retrieved in the background by Azure AD). The Azure AD sessions policy is followed when the administration bans or deletes a user’s account, prevents the user from logging in, and the administration or client revokes the renewal token.

As long as the Microsoft AD token lifespan policy is set to “Continue” or “Never Expire,” the token refresh cycle will keep going in the background. Users will only need to reauthenticate with Azure AD again once the token’s lifespan policy expires, at which point the system will block them from accessing the customer engagement applications or the Microsoft Data verse.

Note: By default, a refresh token for Azure AD will expire after 90 days. The parameters of this token’s lifespan are modifiable.

The minimum user session time goes back to 24 hours if any of the following things happen, which goes against the Microsoft Azure sessions policy:

By manually entering the ambient address (either on the same or a new browser tab), the Power Platform management portal accesses a browser session, and we get the environment.

From the Power Platforms administration center’s environments tab, pick the Open link to circumvent the policy bypass and the minimum 24-hour user session.

Start your browser at version 9.1.0.3647 or later and switch to an earlier version within the same session.

You may switch to the secondary data to avoid the policy bypassing and user lifetime change—secondary data in a new browser tab.

You may check your customer engagement app version by signing in, going to the menu in the three dots (…) in the top right corner, and then clicking about.

Inactive to Disruptions in Azure Active Directory

Customers that have decided to “stay signed in” or whose PCI claims have not yet expired will still be able to access the consumer engagement applications and Data verse content even if Azure AD experiences periodic disruptions.

Specify a Unique Session Timeout for Each System.

Administrators can still change the duration and inactivity expiration parameters in computer settings to accommodate scenarios requiring unique values. A user’s session will end and be sent to Azure AD to reauthenticate if these settings are in place.

To modify this pattern of conduct Admin can establish a session timeout for their settings to require users to reauthenticate after a specific amount of time has passed. Signed-in users have a one-and-only session lifetime in the app. When a user’s session time runs out, the program automatically logs them out. To use D365 for CE applications again, users must first log in.

Set a Session Timeout

If you go to the Power Platform’s control panel, you may choose between several settings.

To access Privacy + Security, go to Settings > Product

Establish a time limit for the session’s lifetime and inactivity. In general, everyone should utilise these settings.

Warning for Inactivity

A session timeout is not enabled by default in customer attachment apps. A user’s session will stay active until the session timeout has been reached. This attitude is modifiable.

Administrators may establish an inactivity timeout for each of your environments to ensure that users are automatically logged out after a specific amount of time has elapsed without any action. When a user’s session timeout has passed due to inactivity, the app logs them out.

Note: The following situations do not trigger the inactivity session timeout:

  • The Power of Dynamics 365 in Outlook
  • Mobile and tablet versions of Dynamics 365
  • WPF-based unified client for the service desk (Internet Explorer is supported)
  • Real-Time Help (Chat)
  • Energized Canvas Applications
  • WPF-based unified client for the service desk (Internet Explorer is supported)

Set a time limit for inactivity.

If you go to the Power Platform’s control panel, you may choose between several settings.

To access Privacy + Security, go to Settings > Product

Define an inactivity or session timeout. These settings will have an impact on all users.

Conclusion

Setting up timeout settings in Dynamics 365 is crucial for maintaining the security and safety of customer-facing applications. With these settings, users can control when their sessions time out and comply with Microsoft 365 Active Directory Session Policies.

Administrators can establish a session timeout for their settings and specify a session timeout unique to each system to require users to reauthenticate after a specific amount of time has passed.

If you’d like to talk about setting up Timeout Setting in Dynamics 365, feel free to contact us. With a focus on CRM Solutions, CRM for Distribution, Managed Network Services, Unified Communications, and Internet Cloud Computing, Stallions Solutions is a top provider of IT solutions in the UK.