After July 2021, the 2.3.x release line no longer received quality updates or user guide updates. PHP 7.3 reached end of support in December 2021, and Adobe Commerce 2.3.x reached end of support in September 2022. We strongly recommend upgrading to Adobe Commerce 2.4.x to help maintain PCI compliance.

Customer Session Lifetime

This site contains archived merchant documentation for a version of Adobe Commerce and Magento Open Source that has reached end-of-support. The documentation available here is intended for historical reference only and is not maintained. The Adobe Commerce Merchant Documentation for current releases is published on the Adobe Experience League.

The lifetime of a customer shopping session is determined by several factors, including the length of the server session, the use of a persistent cart, and the lifetime of information that is stored in the browser. Although these are related to the same customer experience, they are actually separate processes with different expiration events and lifetimes.

Session Information that is stored on the server, such as the contents of the shopping cart. If the server session expires before the cookie expires, customers might lose the cart contents and reduce security risk.
Session Cookie Information that is stored in the browser as a number or string of characters. If the session cookie expires before the server session, the customer is logged out. The session cookie is deleted when the customer closes the browser window. By default, the cookie lifetime is set to 3600 seconds, or one hour. If there is no keyboard activity during that time, the current session ends, and customers must log back into their accounts to continue shopping.

If Persistent Cart is enabled, the cart contents are saved for the next time customers sign into their accounts. When using a persistent cart, it is recommended that you set the lifetime of the server session and the session cookie to a long period of time.

On the server, the length of the session is controlled by php.ini, and several variables. At this time, Magento does not have an Admin configuration setting that controls the length of the server session.

  1. On the Admin sidebar, go to Stores > Settings > Configuration.

  2. If you have multiple stores, set the Store View chooser in the upper-right corner to the store where the configuration applies.

  3. In the left panel under General, choose Web.

  4. Expand Expansion selector the Default Cookie Settings section.

    Default Cookie Settings

  5. To change the default, clear the Use system value checkbox and enter the new value in seconds.

  6. Click Save Config.

© 2024 Adobe. All rights reserved.