Skip to content
English
Contact us
  • There are no suggestions because the search field is empty.

Platform Sessions | spektr Helpcenter

Platform Sessions

Details about sessions used in spektr.

Written by Yuri Beckers
Updated over 6 months agoYuri Beckers

Concepts

  1. Access Token: Expires after 1 hour of inactivity

  2. ID Token: Expires after 1 hour of inactivity

  3. Refresh Token: Valid for 30 days

Access Token: Expires after 1 hour of inactivity

ID Token: Expires after 1 hour of inactivity

Refresh Token: Valid for 30 days

Session Lock Behavior
Sessions are NOT locked after a specific idle time - instead, they expire based on token validity:

  • After 1 hour: Access and ID tokens expire, requiring a refresh

  • After 30 days: Refresh token expires, requiring full re-authentication

After 1 hour: Access and ID tokens expire, requiring a refresh

After 30 days: Refresh token expires, requiring full re-authentication

How the Refresh Logic Works
The session refresh dialog appears when:

  • 2 minutes before expiry (58 minutes of activity): System attempts background refresh

  • 1 minute before expiry (59 minutes of activity): Shows dialog if background refresh failed

  • At expiry (60 minutes): User is logged out if no refresh occurred

2 minutes before expiry (58 minutes of activity): System attempts background refresh

1 minute before expiry (59 minutes of activity): Shows dialog if background refresh failed

At expiry (60 minutes): User is logged out if no refresh occurred

Key Points

  • No traditional "idle timeout" - sessions expire based on token age, not user inactivity

  • 1-hour token lifetime means users need to refresh every hour regardless of activity level

  • Background refresh attempts to extend the session transparently

  • Dialog appears only when background refresh fails and session is about to expire

No traditional "idle timeout" - sessions expire based on token age, not user inactivity

1-hour token lifetime means users need to refresh every hour regardless of activity level

Background refresh attempts to extend the session transparently

Dialog appears only when background refresh fails and session is about to expire

This explains why active users still see the refresh dialog - it's not about idle time, but about the 1-hour token expiration cycle that affects all users regardless of their activity level.