Define user login expiration, dashboard expiration, allowed domains, etc
You can define how long a user can be logged in, for which domains/IP ranges they can log into Cortex XSOAR, deactivate inactive users, allow domains, limit API access from specific IP addresses, etc., by going to the Security Settings page ( → → → ).
Session Expiration
Settings | Description |
|---|---|
User Login Expiration | Select the number of hours after which the user login session expires. |
Dashboard Expiration | Select whether the dashboard window expires at the same time as login or after 7 days. This is useful where you view a dashboard on a separate screen. For example if the user selects 7 days for dashboards and 8 hours for login expiration, if the user is currently viewing the dashboards screen, the dashboard expiration takes priority (7 days). |
Allowed Sessions
Settings | Description |
|---|---|
Approved Domains | If enabled, specify the domains from which you want to allow user access (login) to Cortex XSOAR. You can add or remove domains as necessary. |
Approved IP ranges | If enabled, specify the IP address ranges from which you want to allow user access (login) to Cortex XSOAR. You can also choose to limit API access from specific IP addresses. |
User Expiration
Settings | Description |
|---|---|
Deactivate Inactive User | Enables you to deactivate an inactive user, and also set the user deactivation trigger period. By default, user expiration is disabled. When enabled, enter the number of days after which inactive users should be deactivated. |
Allowed Domains
Settings | Description |
|---|---|
Domain Name | Enables you to specify one or more domain names that can be used in your distribution list for audit forwarding. |