When a user logs in to Cosmo Studio, a new session is created. The session is renewed every eight hours while the user is active and is terminated after 72 hours of inactivity. This limit has been established following standards set by authorities like Auth0, Cloudflare, to mention a few. Sessions have a maximum lifetime of 14 days from the time of authentication. After this period, the session will automatically expire, and you will be required to reauthenticate to continue using the service. It is recommended to use Google or GitHub during sign in, as these services provide a extended security for user authentication. Organizations can also configure their preferred Identity Provider when they want full control over their members.
High-risk operations, such as deleting an organization, are protected behind an email confirmation.