setSession()

Sets the session data from the current session. If the current session is expired, setSession will take care of refreshing it to obtain a new session. If the refresh token in the current session is invalid and the current session has expired, an error will be thrown. If the current session does not contain at expires_at field, setSession will use the exp claim defined in the access token.

1  const { data, error } = supabase.auth.setSession({refresh_token, access_token})

Parameters#

  • currentSessionrequired
    object

    The current session that minimally contains an access token and refresh token.

      Properties
    • refresh_tokenrequired
      string

      No description provided.

    • access_tokenrequired
      string

      No description provided.

Notes#

  • setSession() takes in a refresh token and access token to get a new session.
  • The refresh token can only be used once to obtain a new session.
  • Refresh token rotation is enabled by default on all projects to guard against replay attacks.
  • You can configure the REFRESH_TOKEN_REUSE_INTERVAL which provides a short window in which the same refresh token can be used multiple times in the event of concurrency or offline issues.
  • If you are using React Native, you will need to install a Buffer polyfill via a library such as rn-nodeify to properly use the library.

Examples#

Set the session#

Sets the session data from a refresh_token and access_token and returns the current session or an error if the tokens are invalid.

1  const { data, error } = supabase.auth.setSession({refresh_token, access_token})