Forcing a refresh for session token

  • 1 June 2021
  • 1 reply

We are currently doing the following for getSessionKey and includeSessionKeyHeader:

const getSessionKey = async (z, bundle) => {
const response = await z.request({
url: `${process.env.BASE_URL}/rest/auth`,
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/x-www-form-urlencoded',
body: {
loginname: bundle.authData.loginname,
passwd: bundle.authData.passwd,
appkey: bundle.authData.appkey,

return {

const includeSessionKeyHeader = (request, z, bundle) => {
if (bundle.authData.jwt) {
request.headers = request.headers || {};
request.headers['Authorization'] = `Bearer ${bundle.authData.jwt}`;
request.headers['ignite-appkey'] = bundle.authData.appkey;
return request;

This is working as expected after signing in and making calls to our API. The issue is after 12 hours our API expires the JWT. The JWT never seems to get refreshed. What is the best method for forcing getSessionKey to be called before each Task/Create is triggered? Is there a method for forcing the session to get refreshed?

1 reply

Userlevel 6
Badge +9

Have you checked out, and was it helpful? Does your API return a 401 when the token needs refreshing? If not you’ll need to handle the condition by catching it and throwing a refresh auth error `throw new z.errors.RefreshAuthError();`