All Release Notes

Refresh tokens expiration

1 July 2020
Announcement
Security

The number of refresh tokens is now limited to 10 million. Please refer to our documentation on creating anonymous sessions only once necessary. If the limit is exceeded, the least recently used refresh tokens are deleted. Creating new refresh tokens continues to work. Therefore a refresh token that is frequently used will never expire.

This limit can be increased per project after we review the performance impact. Please contact Support via the Support Portal and provide the region, project key and use case.

If your production project currently exceeds this limit, you will be contacted by us.