Auth0js - checkSession call Limit

clementt · October 26, 2018, 1:06pm

Hi,

We currently implementing Silent Authentication on our Web App (Single App - React).

The documentation is very clear about that. The right way seems to be using the method checkSession() for having a new valid access Token.

However, it also seems that there is a limit between two calls for this method, actually 15 minutes.

Does it means that :

if the token life time is less than 15 minutes, can we block the access to the API for everyone ?
if someone create a loop on this method can he block the access to the API for everyone ?

Thanks for answers !

kimcodes · October 29, 2018, 4:49pm

@clement I am not sure I understand your questions fully - are you looking to restrict how often you call the checkSession method?

clementt · October 31, 2018, 1:08pm

Sorry if it was not clear

Actually I want to know if there is a restriction of call with checkSession by default.

If yes, how many ?

kimcodes · December 5, 2018, 10:30am

Hi @clementt it is no problem! I apologize for the delay on response, if we set the SSO Cookie Timeout to something like 1 minute. And we proceed with our application, we perform the authentication flow and establish a session, we perform a checkSession call the call will work. If we wait for the session to expire, for example around 2 minutes after (remember we set SSO Cookie timeout to 1 minute and we perform a checkSession call it will fail. But, if we set to call checkSession before the SSO Cookie Timeout then we can silently re-authenticate the user and they can continue to use the application.

jerdog · January 22, 2019, 12:00am

This topic was automatically closed after 14 days. New replies are no longer allowed.