Some organizations have made it part of their information security controls that users of applications should reauthenticate frequently, for example after a user has been active for more than 15 minutes. Technical enforcement of such reauthentication measures can be partially controlled by Moveshelf, and when SSO is enabled, also partially controlled by the IT department of your organization.

Reauthentication measures controlled by Moveshelf
By default, Moveshelf requests the user to reauthenticate when the 'Sign out' button in Moveshelf is used.

It's also possible to turn on a configuration option for your organization which, in addition, triggers reauthentication in the following cases:

• After 15 minutes of inactivity on Moveshelf (no key presses or mouse movement)
• After the browser tab is closed

To turn on the configuration option mentioned above, please contact Moveshelf support.

Reauthentication measures controlled by the customer's Entra ID (Azure AD)
When SSO using Entra ID is set up and enabled, the IT department of your organization controls the reauthentication behavior of Entra ID. For example, your organization could decide to require extra security factors when a user attempts to login from outside its local network. In Entra ID terms, this is known as a Conditional Access Policy.