Define user login expiration, dashboard expiration, allowed domains, etc
You can define how long a user can be logged in, for which domains/IP ranges they can log into Cortex XSOAR, deactivate inactive users, allow domains, limit API access from specific IP addresses, etc., by going to the Security Settings page ( → → → ).
User Login Expiration
Select the number of hours after which the user login session expires.
Select whether the dashboard window expires at the same time as login or after 7 days. This is useful where you view a dashboard on a separate screen. For example if the user selects 7 days for dashboards and 8 hours for login expiration, if the user is currently viewing the dashboards screen, the dashboard expiration takes priority (7 days).
If enabled, specify the domains from which you want to allow user access (login) to Cortex XSOAR. You can add or remove domains as necessary.
Approved IP ranges
If enabled, specify the IP address ranges from which you want to allow user access (login) to Cortex XSOAR. You can also choose to limit API access from specific IP addresses.
Deactivate Inactive User
Enables you to deactivate an inactive user, and also set the user deactivation trigger period. By default, user expiration is disabled. When enabled, enter the number of days after which inactive users should be deactivated.
Enables you to specify one or more domain names that can be used in your distribution lists for reports. For example, when generating a report, ensure the reports are not sent to email addresses outside your organization.