Hello, We need to check cookies for every request in our express backend, for every request we need to send request for /session/whoami endpoint which adds delay. Is there any alternate way to check cookies

Hello Akash, if your use case requires the ability to invalidate user sessions (e.g. logout), there is no way to authenticate a request without talking to an authentication server. What is the latency? If it is significant, you may be able to optimize it with adjustments to your deployment or system design

We are testing in local server, concerned when deployed in production.

This latency shouldn't be significant if kratos is in the same deployment (<1ms). There is no way around checking the session if the request requires an authenticated user. What kind of latency have you been experiencing?

We are deploying Kratos in separate instance

is the instance in the same datacenter ?

Same datacenter

Then latency shouldn't be a problem 🙂

Is this endpoint makes database call?

I believe it does, but I could be wrong. I would need to look through this part of the code base to verify

Thank you Alano, another way is to cache the cookie call for a bit. You might do that in your middleware or use something like Ory Oathkeeper :)