2026-05-29 - Automatic Background Token Refresh Architecture¶
Release¶
AgileData.io - Stay Logged In: Automatic Token Refresh Keeps Your Session Alive
AgileData sessions are managed through Google Cloud’s Identity-Aware Proxy (IAP), which issues session tokens with a fixed lifespan. If your browser’s Firebase authentication token expires before the IAP session does, the mismatch could cause silent failures or force an unexpected re-login. To prevent this, we’ve implemented automatic background token refresh.
The token refresh runs silently in the background using an iframe that calls the identity service — this means your session token is refreshed without any visible interruption to your work. The IAP session cookie is refreshed on a regular schedule, and if a transient error is encountered on the first attempt, the system retries automatically.
This work is part of the broader investment in session reliability following the identity server launch. The token refresh patterns are now managed centrally by the identity server, keeping the logic in one place and making future changes easier.
What’s New:
Automatic Firebase token refresh runs silently in the background using the identity service
IAP session cookies refreshed on a regular schedule
Transient token refresh errors are retried automatically
Token refresh logic centralised in the identity server
What this means for you:
Longer, uninterrupted work sessions without unexpected re-login prompts
Session token and IAP session stay in sync automatically
More resilient handling of transient authentication hiccups
Last Refreshed¶
Doc Refreshed: 2026-05-29