timed refresh mechanism

Open dickhardt opened this issue 1 year ago • 1 comments

To remove latency from calling APIs where the cookie has expired and the browser does the refresh adding latency, I would likely set a timer to POST to /securesession/refresh on a regular basis. Perhaps doing this could be part of the API?

Apr 06 '24 08:04 dickhardt

We do expect that browsers try to pre-emptively refresh before the cookies expire. This takes some care as indefinite background pings when the user isn't actually using that website/app don't quite make sense from a privacy perspective. So we've left the triggers and timing for this that browser implementations should control.

Apr 09 '24 00:04 arnar