Docs Menu
Docs Home
/
MongoDB Atlas
/
Atlas Device SDKs
/

Manage User Tokens

On this page

  • Get a User Access Token
  • Manually Refresh an Access Token
  • Configure Refresh Token Expiration

The SDK manages two types of user tokens:

  • User access token: a token sent with each request to Atlas. Without a valid access token, the app can't perform server-related functionality on the user's behalf.

  • Refresh token: a token used to refresh the access token. The SDK uses this to automatically rotate the access token, up to the period when the refresh token expires.

Once the refresh token expires, the app can't perform operations that involve the server until the user logs in again.

Tokens are removed after the user logs out.

Important

The SDK Automatically Handles User Access Tokens for Most Functionality

The SDK automatically handles user access tokens for operations that it performs, such as calling a Function or syncing the device database. It sends the access token with each request, and automatically handles refreshing it. When a refresh token expires, your app code must redirect users to login again.

If you send requests outside of the SDK, you must include the user's access token with each request and manually refresh the token when it expires. You must manually manage this token when calling Atlas Data API endpoints from your client code, for example.

For more information on user session access and refresh tokens, refer to User Sessions in the App Services documentation.

Get a User Access Token

Access tokens expire 30 minutes after a user logs in.

Manually Refresh an Access Token

You can manually refresh an expired access token.

Configure Refresh Token Expiration

Refresh tokens expire after a set period of time. When the refresh token expires, the access token can no longer be refreshed and the user must log in again.

If the refresh token expires after the database is open, the device cannot sync until the user logs in again. Your sync error handler should implement logic that catches a token expired error when attempting to sync, then redirect users to a login flow.

For information on configuring refresh token expiration, refer to Configure Refresh Token Expiration in the App Services documentation.

← 
 →

On this page