All questions have an answer. Often more than one. When we receive one in Support, we do our best to answer them or find workarounds that will fit clients' use cases. But there are a few unmovable things about Igloo, and a few questions this month made them worth highlighting. These are functions that have practical, security, or compliance implications that mean they can't be adjusted .  

Can I limit the access of Administrators?

Digital workplace administrators have Full access to everything, and access to the entire Control Panel. They can make all the rules, and break all the rules. They hold all of the keys in your Igloo, and should be the people you trust most. 

While the platform doesn't currently support limiting the power of Administrators, you can use Space Administration, Access, and Roles to provide access to limited administrative functions for members. Rather than limiting your full administrators, your digital workplace offers tools to elevate other members' powers to help them do what they need. 

Can I remove the login button on integration widgets?

Every integration requires authorization from the person using it. This gives the widget access to the service it's connecting to, and ensures that their access is respected across services. People using the Google Drive integration only have access to files they could reach through Drive directly, for example. 

Igloo integrations use the OAuth 2.0 method, which means a human being has to be involved in that authorization process. The first time they encounter the widget, they'll see the login button, and select that to start the authorization. The token from that process will remain for thirty days, after which they'll have to authorize it again. 

Can I keep sessions active forever?

This past October, we introduced the ability to customize the length of sessions, letting administrators decide how long members remain logged in while inactive. However, the maximum session retention is thirty days, like integration authorization and the Remember Me feature. 

The session expiration is a security feature that ensures that if someone is inactive for a long time, such as leaving their computer unattended, they'll be logged out accordingly. Many administrators set the session timer much lower than thirty days, opting for the length of their typical workday, or using the Browser Session Termination setting, which ends the session when the browser is closed. 

As always, if you have questions about the Igloo platform, workflows, or best practices, you can leave a comment here, or ask a question in the Community area.