# User sessions

A user’s session will automatically end after a period of inactivity. This feature is called inactive session timeout. This is a security measure to prevent unauthorized access to sensitive data if a user leaves their computer unattended. SonarQube will log the user out after the timeout period. By default, the inactive session timeout is 3 days. You can change it.

{% hint style="info" %}
With SonarQube Server, an active session timeout is also supported. For more information, see [Feature comparison table](/sonarqube-community-build/feature-comparison-table.md).
{% endhint %}

To configure the inactive session timeout, set the following sonar property in `<sonarqubeHome>/conf/sonar.properties`. You can use the environment variable instead.

| <p>sonar.web.sessionTimeoutInMinutes</p><p>SONAR\_WEB\_SESSIONTIMEOUTINMINUTES</p> | <p>Inactive session timeout (in minutes). The maximum time a user can remain idle (no activity) before the session ends. If the user does not interact with the system within this time, they are logged out.</p><p><strong>Default value</strong>: <code>4320</code> (3 days)</p><p><strong>Minimum value</strong>: <code>6</code></p><p><strong>Maximum value</strong>: <code>129 600</code> (90 days)</p> |
| ---------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sonarsource.com/sonarqube-community-build/instance-administration/security/user-sessions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.