We trust that your MURAL members work with the right mindset when it comes to safeguarding their content and data. Still, as a company administrator, you might want to put a few safeguards in place that help them collaborate with even more peace of mind.

On the sessions page of the company dashboard, you can control how long members stay logged in to MURAL and also how to store their login credentials. This is useful if your members frequently share workstations or access MURAL while in public.

Note: The company dashboard is only available to Enterprise plan customers, and only company administrators on those plans can access it.


Authentication token storage

Depending on your company policy, you may have different needs for how authentication tokens are stored. Authentication tokens determine how long a collaborator’s session is valid. When a token is cleared, the collaborator must log back in to MURAL. So, storing a token for a longer period of time maintains their session longer as well.

MURAL offers the following token storage options:

  • Local storage (default): Tokens persist even after the browser is closed. End-users won’t have to sign in again unless they manually log out or clear their application data, even if they close MURAL and reopen it in a new tab.

  • Session cookies: Tokens are deleted when the browser ends a session, and the collaborator will need to log in again. Browser session definitions vary, though, so keep in mind when choosing this option that it might not be the same for all of your collaborators. For example, some browsers end a session when the application is closed. Others can restore sessions after the browser is closed.

  • Session storage: Tokens are cleared when the tab is closed. End-users must log in again whenever they reopen MURAL. This includes opening MURAL in a new tab, even if the collaborator is using MURAL in an existing tab. While this offers high levels of security, it can lead to a restrictive end-user experience.

Keep in mind that your chosen storage option will impact the experience your collaborators have in MURAL. So, make a selection that best balances the collaborator experience and company security needs. If you have any questions about what that might look like for your organization, reach out to support@mural.co.

Idle timeout

As the company administrator, you have the option to automatically end members’ sessions after a period of inactivity. With this enabled, you can choose a number of minutes, hours, or days after which members will be logged out if they aren’t active in MURAL. When a member reopens MURAL after this window of time, they will need to log in again.

Note: Simply moving a cursor does not count as activity in MURAL.

Idle timeout is available for Enterprise plan customers, however initial configuration must be completed by MURAL’s Customer Success team.

Did this answer your question?