Magento 2 backend session timeout

In Magento 1.x the backend session timeout was set via:
Backend -> System -> Configuration -> Admin -> Security -> Session Lifetime (seconds)

Initially, my question was how to set this in Magento 2.0, but apparently there are differences between Magento 2.0 and Magento 2.1

For Magento 2.0: Arkadii Chyzhov has pointed out how to set this (see below).

For Magento 2.1: fschmengler has suggested a solution (see below).

However, M 2.1 appears not to provide a straightforward solution via the backend. Can anybody come up with an additional solution for M 2.1?


Check attached image screenshot for better understanding of admin process.

Go to Stores->Settings->Configuration->Advanced->Admin->Security->Admin Session Lifetime (seconds)

And check screenshot. enter image description here

Stores > Settings > Configuration > Advanced > Admin > Security > Admin Session Lifetime (seconds)

Also, there is a possibility to set this parameter directly to the database, just put a value under the path


in the table core_config_data


Magento 2.1 admin cookie life time = Stores > Settings > Configuration > Advanced > Admin > Security > Admin Session Lifetime (seconds) or till the user closes the browser

Since Magento 2.1 introduces lifetime for admin cookie as "expires on browser close", together with value in

Stores >Settings > Configuration > Advanced > Admin > Security > Admin Session Lifetime (seconds)

That means, that session lifetime equals the value in

Stores > Settings > Configuration > Advanced > Admin > Security > Admin Session Lifetime (seconds)

or when a browser is closed.

Or you can set up a new value for admin cookie like it is proposed in fschmengler's answer

Solution for Magento 2.1+

Since Magento 2.1 the admin session lifetime is always "session", i.e. until the browser is closed. This has been might have been introduced for security reasons.

The relevant code is in Magento\Backend\Model\Session\AdminConfig:

 * Set session cookie lifetime to session duration
 * @return $this
protected function configureCookieLifetime()
    return $this->setCookieLifetime(0);

If you want to change this behavior, you can add a plugin for this class with the following interceptor method:

public function beforeSetCookieLifetime()
    $lifetime = $this->scopeConfig->getValue(
    return [$lifetime, \Magento\Framework\Session\Config::COOKIE_LIFETIME_DEFAULT];

Where $this->scopeConfig should be an instance of \Magento\Framework\App\Config\ScopeConfigInterface, injected via constructor parameter.

This way the cookie lifetime is used from configuration, just as in the frontend.

Note that the configuration in Stores > Configuration > Advanced > Admin Security > Session Lifetime does not have any effect on the cookies anymore! It is used to determine Redis session lifetime, so if you increase the cookie lifetime, you should also increase this value.

Similar questions

Recover Data from Session Timeout
I've just spent the last 45 minutes entering new information into a magento 1.9 store admin specifically the pages section. I go to hit save, only to find that Magento has logged me out. I've lost the last 45 minutes of my progress, leaving me frustrated and annoyed. Is there a way to find this data or have I got to write the information again?
Magento2.2.6 Admin Session Timeout Not Working
Something is wrong with the admin session timeout in Magento2.2.6. I have everything set to 1 day however it's all ignored. I get logged out if I'm inactive for 15 minutes. I have vendor/magento/module-encryption-key/etc/config.xml set to 86400 and here are screenshots of my PHP and admin settings and my cookie which shows an expiration date of tom...
Magento1.8.1.0 - Admin session timeout won't go above 15min
I have an issue with the Admin session timeout in Magento shop older version I have configured the value in seconds -> 3600 in Admin configuration but it still closes Admin session in 900 seconds. I have checked the database and there is only There is no admin/security/session_lifetime as I have seen in some responses to this topic. Could ...
Load popup only based on session timeout
I have initialized a popup But the above popup triggers on every refresh. I want the popup to load once once the site is called or closing and opening the browser again to the page (based on session expire).
Getting New Session Id before session expires,checkout/session car is empty even cart has item
I have a local module, which adds product to cart.To add to cart i have some conditional check before adding to cart,and i am using getSingleton('checkout/session')->getQuote() object for getting number of items in cart. My code, initially checks number of items in cart in that session,by below code. adding Product to cart code, My Question is ,...
Magento Error "Order saving error: SQLSTATE[HY000]: General error: 1205 Lock wait timeout exceeded; try restarting transaction" at backend
Magento showing error Order saving error: SQLSTATE[HY000]: General error: 1205 Lock wait timeout exceeded; try restarting transaction, on placing order at backend. Still Order has been saved with status "pending" and then if I generate invoice, this does not show MRP in invoice PDF. So I need to cancel this order and have to reorder this, this time...

Also ask

We use cookies to deliver the best possible experience on our website. By continuing to use this site, accepting or closing this box, you consent to our use of cookies. To learn more, visit our privacy policy.