+ Start a Discussion

Embedded sforce Control and Session Expiration

... I'm asking this same question of my Customer Success Manager as well, but wanted to float the balloon to the community-at-large as well.

I'm currently about to deploy a handful of embedded sforce controls in salesforce. Several of them would likely persist on the users screen for some time. As they are passed the SessionID by way of the merge field they have no need to login.

The problem comes when the SessionId nears expiration. The Web UI can simply refresh the page and get a new cookie, but doing so would reset the scontrol. While this is bad it gets worse. What happens when a SessionID actually expires between data capture and save? The user would be forced to enter his user/pass to get a new SessionID just to continue working in the control because there is no way for the control to obtain the user credentials from the system.

Also without knowing when the SessionID will expire we have no way to warn the users to complete their work, or take any other steps in advance of the expiration.

I'm curious to know how people handle not knowing the session expiration and dealing with it in a semi-persistant control.

Hi daroz,


This is a great question (partly because I have a happy answer)!

In reality, the browser app issues a new session when the user is half way to the expiration period.  This means that any session id you would receive on the scontrol would have at a minimum 1/2 the life of the session (remember, this is configurable 30, 60, 120, and 240 mins) or +15, +30, +60 and +120 minutes.