> ## Documentation Index
> Fetch the complete documentation index at: https://docs.curator.interworks.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Session Expiration Warning

> Notifies logged-in users before their server-side session expires, giving them a chance to stay logged in or reload the page.

Curator shows a modal to logged-in users shortly before their server-side session expires. This prevents
embedded content (such as Power BI reports that rely on cached authorization tokens) from quietly breaking
when a user has left a page idle for a long time.

The warning is enabled automatically for all logged-in users. There is no setting to toggle it on or off —
the only thing you control is when it appears, via the session lifetime.

## How it works

The modal has two states:

1. **Warning** — appears before the session expires, with two buttons:
   * **Continue** sends a lightweight request to the server, refreshes the session, and dismisses the modal. If the request fails (session has already expired), the modal switches to the **Expired** state with a **Reload** button instead of closing silently.
   * **Log Out** redirects the user to the logout page.
2. **Expired** — if the user does not act in time, the modal switches to an expired state with a single
   **Reload** button that refreshes the page so the user can log in again.

The timer also resets automatically whenever the page makes any background request to the server, so users
who are actively interacting with Curator (loading dashboards, navigating, etc.) will not see the warning.

## When the warning appears

The warning timing is derived from the session lifetime:

| Session lifetime     | Warning appears                     |
| -------------------- | ----------------------------------- |
| 20 minutes or longer | 10 minutes before expiry            |
| Less than 20 minutes | At the halfway point of the session |
| Less than 5 minutes  | Not shown                           |

## Configuring the session lifetime

The session lifetime is controlled by the `SESSION_LIFETIME` value in your `.env` file, expressed in
minutes. The default is 360 minutes (6 hours).

```bash theme={null}
SESSION_LIFETIME=360
```

Lowering this value will cause the warning to appear sooner; raising it will delay the warning. Changes
take effect on the next request after the configuration cache is cleared.

## Relationship to automatic logout

This feature is separate from Curator's automatic logout. Both can be active at the same time:

* **Automatic logout** tracks user activity in the browser (mouse, keyboard, scrolling). It exists to log
  out users who have stepped away from their desk.
* **Session expiration warning** tracks the server-side session. It exists to warn users whose session is
  about to expire on the server even though they may still have the page open.
