Apex Code Development You need to sign in to do that
Don't have an account?
Prakash GB Session Handling
Hi,
Can anyone help me, How to manage sessions when SF & other applications are connected?
Assume i make a callout to External application and authenticate and recieve session id. next when i am making a post request, how can i use the session id to bypass authentication again? what is the best way to store session id in salesforce?
Thanks
Prakash GB
Can anyone help me, How to manage sessions when SF & other applications are connected?
Assume i make a callout to External application and authenticate and recieve session id. next when i am making a post request, how can i use the session id to bypass authentication again? what is the best way to store session id in salesforce?
Thanks
Prakash GB
Hope you are doing great.
Use Case:
If you have an API connection with the external system. They cannot use the same session and hence will be requesting a new session (the previous session will still be active) each time they connect with Salesforce.
What will be the impact on the below:
- What happens to previous sessions?
- Do they expire automatically after 120 minutes?
- At a given time, how many active session there can be?
- What are the implications of multiple open sessions at a given point in time?
Explanation:
Depends on how your sessions respond will depend on how they are being created. For example, if you are using the SOAP API to call login() with the same credentials from a single device, you will likely get the same session Id back. Beware of calling logout() here, as you will end both (being the same session).
I've seen reports (http://salesforce.stackexchange.com/a/1464/102) that doing the same with OAuth from different devices yields distinct sessions.
Expiry time will be controlled by the configuration. The default is 120 minutes after the last activity, but this can be changed.
The limiting factor in terms of usage will be the Concurrent API Request Limit (https://help.salesforce.com/HTViewHelpDoc?id=integrate_api_rate_limiting.htm). E.g. With a developer edition org you can only have 5 active long-running requests. There are other limits that will also come into play, such as the SOQL query locator. See Execution Governors and Limits (https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_gov_limits.htm).
I'd suggest you run a small trial to see how it behaves with your setup. You can monitor your active sessions with the User Session Information page. (https://help.salesforce.com/htviewhelpdoc?id=security_user_session_info.htm&siteLang=en_US)
Also, please elaborate a bit more on storing the session ID in Salesforce?
Usually, when your session gets logged your session ID gets expired.If you want to store it for a longer time then I would recommend to go to session settings and specify the session time which so that based on it your session ID will be active.
Hope this helps.
Kindly mark this as solved if the reply was helpful.
Thanks,
Nagendra
Thank you for your detailed response.
with regards to storing session id in salesforce, my question is, do i need to store session id in cookie or somewhere to use the same session when i'm making a second call in same transaction.
Assume for JIRA integration, i will authenticate with JIRA and get session id. after 2 min i'll create a case in salesforce and that case need to be created on JIRA as issue. in this case do i need to authenticate again with JIRA or can i use session id which i recieved 2min back. if i can use session id, do i need to store it as cookie and use or how?
adding on to the same, after 10min if i need to make another call to JIRA, How can i maintain the same session?
Thank you in advance
Prakash GB