Authyo Docs
  1. Session Management
Authyo Docs
  • ๐Ÿถ Walk through Authyo
  • Error Codes
  • About Pricing
  • APIs
    • Send OTP
      GET
    • Send OTP
      POST
    • Verify OTP
      GET
    • Verify Token
      POST
    • Revoke User Session
      POST
  • Web SDKs
    • JavaScript
    • PHP
    • AngularJS Examples
    • TypeScript Examples
    • React JS
    • Vue JS Examples
  • Native/Mobile SDKs
    • Flutter
  • Integration
    • Google Sheet
    • Firebase
  • Session Management
    • Introductions
    • JWT Token
  1. Session Management

Introductions

Session Management#

Authyoโ€™s session management system gives developers full control over how user sessions are handled โ€” from setting session duration, to validating and revoking active sessions instantly. This ensures both stronger security and a smoother experience for end users.

Overview#

Authyo provides a robust and flexible session management framework designed to safeguard applications while keeping the login experience seamless. Developers can configure session duration directly from the Authyo dashboard.
To adjust session behavior, simply navigate to Application > App Settings in your Authyo dashboard, where you can set or update session expiry time based on your requirements.

Key Capabilities#

Custom Session Duration โ€“ Configure how long a user session should remain active.
Real-Time Validation & Revocation โ€“ Verify whether a session is valid at any time and revoke it instantly if needed.

Example Use Cases#

Session management offers several use cases that enhance both security and user experience:
Stronger Security โ€“ Automatically log users out after a defined time limit or inactivity window.
Admin Control โ€“ Allow administrators to end user sessions instantly if suspicious activity is detected.
User Convenience โ€“ Keep sessions persistent across multiple logins or devices, reducing the need for repeated authentication.

Benefits#

Security First โ€“ Prevent unauthorized access by managing session lifetimes and revoking suspicious sessions on demand.
Better User Experience โ€“ Reduce unnecessary logins while keeping users safely authenticated.
Granular Flexibility โ€“ Tailor session rules to meet your appโ€™s exact security and usability needs.

How to use Authyo Session Management#

Learn how to manage user sessions effectively using tokens for secure and seamless authentication.

Starting a Session#

To begin a user session, use the Send OTP Api OR Auth SDK to authenticate the user. After successful authentication, the response includes a token or you can call Verify Token function to retrive the information if it exists. Successfull authentication return the JWT token.
token: A JSON Web Token for secure session validation.

Steps:#

1. Enable Session Management:
Go to the Authyo dashboard.
Set the Session Duration: The total duration a session remains active.
2. Store Session Information:
Save the token client-side (e.g., in cookies or local storage) securely.

Authenticating a Session#

Before performing any action that requires authorization, verify the session validity.

Steps:#

1.
Call the Verify Token API with the JWT token to verify it locally.
2.
Validate the response:
If the session is valid, use the userId from the response to identify the user.
Send the token in a session cookie for subsequent requests.
3.
If the session is invalid:
Clear the session cookie to log the user out.
Do not process the unauthorized request.

Revoking a Session#

To terminate a user session:
1.
Call the Revoke User Session API or Use SDK Logout Function with the token.
2.
Ensure that the session cookie is cleared client-side to prevent further use.
Modified atย 2025-09-27 10:15:46
Previous
Firebase
Next
JWT Token
Built with