Lock on App Logout Failure

Imprivata MDA supports the ability to configure the device to lock when an app fails to log out. This can be configured by one of the following methods:

  • At a global level, by adding an AppConfig setting in your MDM.

  • For a specific app, by adding an attribute to the mobile policy.

When the feature is configured, MDA locks the device when an app logout fails and preserves the current user's session. The user authenticates to Imprivata MDA again and continues the preserved session.

  • If the user attempts to log out again after they re-authenticate, MDA clears the user session if the logout succeeds. If the logout fails again, MDA continues to treat the user as logged in.

  • Admin mode behavior continues to follow the existing admin mode handling.

  • Entering guest mode locks the device.

Requirements

Take note of the following prerequisites:

  • Imprivata MDA 10.0 and later.

Configure Lock on Logout Failure

NOTE:

This feature is configured via the AppConfig using an MDM. See the Imprivata MDA AppConfig Reference for supported MDM AppConfig keys.

To configure the device to lock when any app fails to log out, add the following key to your MDM:

ConfigFlags - Allows Imprivata MDA to allow the browser logout actions to be the final step.

  • The AppConfig Configuration Key field for this feature is "ConfigFlags".

  • The AppConfig Value Type for this feature is "String".

  • The AppConfig Value is lockOnLogoutFail.

Configure Lock on Specific App Logout Failure

To configure the device to lock when a specific app fails to logout, add the lockOnLogoutFail attribute to the specific app in the Customization > Messaging and other apps section of the mobile policy.