#Overview

The Session Management feature allows you to control the maximum duration of your users' sessions with Magic. Default sessions will allow users to remain authenticated with Magic for up to 7 days (or until they logout or browser data is cleared). Auto Refresh sessions will allow users to stay authenticated with Magic for a duration of your choosing, up to 90 days (or until they logout or browser data is cleared).

When Auto Refresh is enabled, each successful authentication will be issued a refresh token along with the session token. The refresh token will be valid for the configured number of days and while valid, will allow the user to bypass re-authentication (i.e clicking on a magic link). Once the refresh token expires, the user will need to re-authenticate with Magic.

#Unlocking Session Management

Session Management is a premium feature available to all customers for an additional monthly charge. To unlock custom session lengths for your workspace, please send a request to our Sales team.

#Compatibility

Auto Refresh sessions are not currently supported on:

• Mobile SDKs (React Native, Flutter, iOS, Android)
• WebAuthn