Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.getpara.com/llms.txt

Use this file to discover all available pages before exploring further.

Learn how to check session status, maintain active sessions, and handle session expiration in Para web applications.

Checking Session Status

Use isSessionActive() to verify whether a user’s session is currently valid before performing authenticated operations. Example usage: 
const para = new Para(apiKey);

const isActive = await para.isSessionActive();

if (!isActive) {
  // Start a new authentication flow.
}

Maintaining Active Sessions

Use keepSessionAlive() to extend an active session’s validity without requiring full reauthentication.
keepSessionAlive() is also the method to extend a session that was imported into the Server SDK.
Example usage: 
const para = new Para(apiKey);

const success = await para.keepSessionAlive();

if (!success) {
  // Start a new authentication flow.
}

Automatic Session Management with React

If you’re using the React SDK and the ParaProvider component, you can leverage automatic session management: 
// The ParaProvider will automatically keep sessions alive by default
<ParaProvider>
  <YourApp />
</ParaProvider>

// To disable automatic session management
<ParaProvider
  config={{
    disableAutoSessionKeepAlive: true,
  }}
>
  <YourApp />
</ParaProvider>
When using the ParaProvider component from the React SDK, it automatically keeps sessions alive in the background by calling keepSessionAlive() periodically. You can disable this behavior by setting config.disableAutoSessionKeepAlive to true if you prefer to manage sessions manually.

Refreshing Sessions

Para provides the refreshSession() method for flows that intentionally send the user through a session refresh or login URL.
refreshSession() is different from keepSessionAlive(). Use keepSessionAlive() to extend an active session. Use refreshSession() only when your app is starting a refresh or login flow for the user.
For most applications, when a session expires, it’s better to guide users through a complete authentication process: 
const para = new Para(apiKey);

// When session expires, initiate a full authentication
if (!(await para.isSessionActive())) {
  //route to authentication page
}
For server-side imported sessions, call keepSessionAlive() before expiry. If it fails, ask the client to authenticate again and export a new session.

Best Practices

  • Proactive Session Management: Always check session status before operations that require authentication
  • Regular Session Extension: For long user sessions, periodically call keepSessionAlive() or leverage the ParaProvider automatic session management
  • Graceful Expiration Handling: Provide a smooth re-authentication flow when sessions expire instead of showing errors