Skip to main content

Session Management

Web3Auth SDKs provide session management to minimize repeated logins, enhancing user experience by maintaining login state for a specified duration. This seamless experience offers several advantages, including:

  • User Experience: Reduces login frequency for a smoother experience.
  • Efficiency: Session restoration is quick, occurring in milliseconds.
  • Integration: Easy to implement with minimal impact on user flow.

Session Key

Upon login, a unique session key is generated. The user state is then encrypted with this session key and stored on the Web3Auth metadata server.

Customizing Duration

The duration for which this encrypted state is stored is determined by the sessionTime parameter.

Secure Storage

Session keys are stored securely in the client's environment (e.g., browser local storage, Android Encrypted Shared Preferences, iOS Keychain Services).

Restoration

  1. Retrieve Key: SDK retrieves the session key from secure storage.
  2. Server Communication: SDK requests user state restoration from the metadata server.
  3. Decryption: Encrypted user state is decrypted with the session key.
  4. Fallback: If no active session, user proceeds with standard login.