Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

<@U04UQ68083H> How should I refresh my kratos session?

To refresh a Kratos session, you need to append `?refresh=true` to the appropriate endpoint. The endpoint you use depends on whether you're working with a browser client or an API client.  For browser clients, append `?refresh=true` to `/self-service/login/browser`. For example:  ``` <https://playground.projects.oryapis.com/self-service/login/browser?refresh=true> ```  For API clients, append `?refresh=true` to `/self-service/login/api`. For example:  ``` <https://playground.projects.oryapis.com/self-service/login/api?refresh=true> ```  Refreshing a session updates the `authenticated_at` time and won't log the user out, unless another user signs in.   If you're implementing a UI, you can force the user to re-authenticate by calling the `/self-service/login/browser?refresh=true` endpoint. This is only applicable to the login flow and requires the user to already have a session. Here's an example of how to do this:  ```javascript sdk.createBrowserLoginFlow({ refresh: true })   ```  For more details, you can refer to the [Ory documentation](<https://www.ory.sh/docs/kratos/self-service/flows/user-login#refreshing-a-session>).