Session Validation
Descope provides robust Software Development Kits (SDKs) for several programming languages, allowing secure and efficient session validation after successful user authentication. This page serves as an index for our guides on frontend and backend session validation.
| Validation Type | Description | |
|---|---|---|
| Web Client | Web client session validation is validation where the session token is validated directly in the user's web client. The session token is typically stored in the application cache or in a secure cookie. This method is often used for improved user experience as it can help reduce server-side load and latency. | View |
| Mobile Client | Mobile client session validation is validation where the session token is validated directly in the user's device. The session token is typically stored in the device's memory. This method is often used for improved user experience as it can help reduce server-side load and latency. | View |
| Backend | Backend session validation occurs server-side. The session token is sent from the client to the server with each request. The server then validates this token to authenticate the session. This method is known for its enhanced security, as the session information is not directly exposed to the user's device. | View |
To learn more about the fundamentals of session management in Descope, please refer to the session management article and watch our video tutorial below covering various configurations and ways to validate the session token: