bmoon4 opened a new issue, #48076: URL: https://github.com/apache/airflow/issues/48076
### Description Currently, Airflow only support inactive session timeout via the `session_lifetime_minutes` config option. This handles session expiration after a period of inactivity, which is great - but it doesn't cover cases where a session should expire regardless of activity (i.e, an active session timeout). This is a common requirement in environments with stricter security/compliance policies (e.g, session must expire after x hours, even if user is active) ### Use case/motivation Introduce a new configuration option (e.g, `session_max_lifetime_minutes`) that defines the maximum duration a session can remain valid from the time of login, regardless of user activity. This feature will help admins better enforce time-based access control. ### Related issues _No response_ ### Are you willing to submit a PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
