Skip to main content

Session Management

Web3Auth SDKs provide session management to minimize repeated logins, enhancing user experience by maintaining login state for a specified duration. This seamless experience offers several advantages, including:

  • User Experience: Reduces login frequency for a smoother experience.
  • Efficiency: Session restoration is quick, occurring in milliseconds.
  • Integration: Easy to implement with minimal impact on user flow.

Session Key

Upon login, a unique session key is generated. The user state is then encrypted with this session key and stored on the Web3Auth metadata server.

Secure Storage

Session keys are stored securely in the client's environment (e.g., browser local storage, Android Encrypted Shared Preferences, iOS Keychain Services).

Restoration

  1. Retrieve Key: SDK retrieves the session key from secure storage.
  2. Server Communication: SDK requests user state restoration from the metadata server.
  3. Decryption: Encrypted user state is decrypted with the session key.
  4. Fallback: If no active session, user proceeds with standard login.

Common Questions

The following questions can be answered using the information on this page:

  1. How does Web3Auth handle session management?
  2. What are the benefits of Web3Auth's session management?
  3. How are session keys generated and stored?
  4. How does session restoration work in Web3Auth?
  5. Where is user state information stored?
  6. How secure is Web3Auth's session management?
  7. What happens when a session expires?
  8. How does session management improve user experience?
  9. How are session keys handled across different platforms?
  10. What is the process for session restoration failure?