Replies: 2 comments 3 replies
-
|
Interesting use case, where did such requirement come from, is it business/functional, or is driven by security requirement? |
Beta Was this translation helpful? Give feedback.
-
|
This is a business requirement: I work for a publisher and we sell subscriptions to premium online content. In order to limit account sharing, a subscriber may not be logged in more than x times simultaneously. |
Beta Was this translation helpful? Give feedback.
-
|
One option for session management is using a first-in, first-out approach (FIFO), where the first session started is the first one to be terminated. Alternatively, does your application allow users to view all active sessions and select which one to terminate? In that case, the user would manually choose the session to end. |
Beta Was this translation helpful? Give feedback.
-
|
The FIFO approach sounds like what we are doing currently with our custom IDP (which will be phased out in favour of an alternative like Logto). Users don't have any say in what session is terminated, so it's always the oldest (or first as you call it). |
Beta Was this translation helpful? Give feedback.
-
|
@marcagrio can you put in feature request at https://github.com/logto-io/logto/issues/new/choose - @gao-sun and eng team for visibility |
Beta Was this translation helpful? Give feedback.
-
I am considering introducting Logto to my company, but we have a requirement where a user can be logged in with a maximum of 5 sessions. When he logs in a sixth time, the oldest session should be terminated. Can Logto provide this functionality?
Beta Was this translation helpful? Give feedback.
All reactions