CF Zero Trust, application session duration

Hey. I have set up several applications with email authentication and they work. But I don’t understand how ‘session duration’ works. I tried 15 minutes, and tried ‘No duration, expires immediately’ but the application never asked me to authenticate again after the first successful attempt. How does this feature work?..

1 Like

I have the same problem. Did you ever find an answer on this? Remote users can close their browsers and when they reopen them, the application is still accessible without re-authentication.