Out IT security has raised a concern with reporting through Omnimobile. Is it possible to configure the sessions so that if a browser is inactive for a period of time then a session timeout is triggered?
Omniscope uses HTTP Basic Authentication, which when combined with HTTPS is a simple but secure solution. However the HTTP Basic Authentication protocol doesn't allow for timeout.
We plan to develop support for session-based authentication in future. Meanwhile if this is essential you must use a 3rd party solution to provide authentication instead of Omniscope. This entails disabling all Omniscope security options (i.e. giving anonymous all necessary permissions), disabling external access to Omniscope, and instead using a HTTP security reverse proxy like Keycloak to provide your security layer.