Is there any way to reduce the session timeout to 15 minutes, wherein the user must be prompted for 2FA?
As per PCI requirement, we need to have a 15-min long session, the connection should be closed and the user must enter the 2FA again
Unfortunately at this time we do not support session lengths any shorter than 1 hour.
If you’re using an IdP to manage your logins, you may be able to set a shorter session timeout there, which would force a reauth when it expires, but that will be IdP specific.
I apologize for the inconvenience.