Auth0 Home Blog Docs

Auth0js - checkSession call Limit

auth0
limits
checksession
#1

Hi,

We currently implementing Silent Authentication on our Web App (Single App - React).

The documentation is very clear about that. The right way seems to be using the method checkSession() for having a new valid access Token.

However, it also seems that there is a limit between two calls for this method, actually 15 minutes.

Does it means that :

  • if the token life time is less than 15 minutes, can we block the access to the API for everyone ?
  • if someone create a loop on this method can he block the access to the API for everyone ?

Thanks for answers !

#3

:wave: @clement I am not sure I understand your questions fully - are you looking to restrict how often you call the checkSession method?

#4

Sorry if it was not clear :sweat_smile:

Actually I want to know if there is a restriction of call with checkSession by default.

If yes, how many ?

#5

Hi @clementt it is no problem! I apologize for the delay on response, if we set the SSO Cookie Timeout to something like 1 minute. And we proceed with our application, we perform the authentication flow and establish a session, we perform a checkSession call the call will work. If we wait for the session to expire, for example around 2 minutes after (remember we set SSO Cookie timeout to 1 minute and we perform a checkSession call it will fail. But, if we set to call checkSession before the SSO Cookie Timeout then we can silently re-authenticate the user and they can continue to use the application.

closed #6

This topic was automatically closed after 14 days. New replies are no longer allowed.