The iWD Manager server session expires after a time period set up in the configuration. Every http request sent to API resets the session expiration timer.
There is a special request just to keep the session alive:
HTTP 204 No content
There is also another API request to automatic logout:
HTTP 302 Found
- The Location header redirects to the login page (with reason=sessionExpired).
- The difference between automatic and the normal logout requests is in a logout reason responding back to the front-end. The automatic logout request redirects to the login screen with the reason "session expired" and the normal logout - with "logged out successfully".
- In every response a special cookie "SESSIONLIFETIME=<timestamp>_<lifetime>" is applied where the front-end is able to find necessary information to use the automatic logout and keeping alive mechanism.