Limit policy based session access mobile refresh token interval

Release version: Australia

Updated March 12, 2026

1 minute to read

Use the glide.authenticate.session_access.mobile.refresh_token_interval property to govern the length of time that must elapse before a mobile device user will be forced to re-authenticate.

The glide.authenticate.session_access.mobile.refresh_token_interval suystem property governs the length of time after which a mobile device user will be forced to re-authenticate. This only applies if the admin has configured the Identity Provider attributes (which can vary for each login) in the session access policy and the user authenticates via Single Sign On (SSO). The property value is an integer in seconds. The recommended value is 1800 (30 minutes).

Ensure that the glide.authenticate.session_access.mobile.refresh_token_interval property is set to a value of 1800 or below.

More information


Attribute	Description
Configuration name	glide.authenticate.session_access.mobile.refresh_token_interval
Configuration type	System Properties (/sys_properties_list.do)
Data type	integer
Recommended value	An integer less than or equal to 1800
Default value	<none>
Fallback value	1800
Category	Session management
Security risk	Severity score: 4.3 CVSS score: Medium Security risk details: A large value may grant a larger timeframe for session access to be hijacked by an attacker.
Dependencies and prerequisites	Zero Trust- Policy Based Session Access
Functional impact	This setting governs the time in seconds after login, that users will be forced to logout from mobile devices if they are using Single Sign On to authenticate, and admin has configured the Identify provider attributes in the session access policy.