Sessions should only be created when the service can prove trust such as using authentication credentials. Sessions should be closed after periods of inactivity or when a user logs out.
Click on the paperclip or four line icons to access more information about the source document and provision information.
Download this data
Download a copy of this map