Refresh
Learn about session refresh in Corbado’s session management.
The short-term session (represented as JWT) has a limited validity period and requires refreshing. To accomplish this, the refresh logic, written in JavaScript, must be integrated into your frontend. The logic consists of two main components: the session watcher and the refresh routine.
Session watcher
The session watcher checks every 10 seconds if there exists a short-term session (represented as JWT) cookie. If so, it starts the refresh routine.
Refresh routine
In order to refresh the short-term session (represented as JWT), 60 seconds before the short-term session expires, a refresh will be triggered. This refresh fetches a new JWT from the Frontend API. On this fetch, the long-term session (represented as session ID with database entry) cookie gets transferred and the refresh routine issues a new short-term session (represented as JWT) for you.
In case there is no internet connection, it tries every ten seconds to refresh the short-term session (represented as JWT).
Was this page helpful?