As I understand the parameter “session_length” remain the number of a second that use logged in to Looker, but if I want to make embed URL expire sooner than, how can I do?
You cannot alter the expiration of an embed URL after its creation— It must be used within 5 minutes of creation (set by the time: parameter in your URL creation script), or it will fail to authenticate.
But, once a user has used the embed URL to authenticate and start a session, you can end that session via the API whenever you’d like! See the delete_web_login_session endpoint.
Moral of the story— You can’t do this with just the embed URL, but you can use the API to kill sessions.