Client object close session
Answered
Is it necessary to close the client or close de session attached to the client object? If it's not necessary to close the session, then how is it handled the opened sessions?
-
Hey ,
Thanks for reaching out and good question. There's a few ways to think about it.
From the perspective of the API, client sessions are powered by access tokens, which you may be aware live for only one hour (example). If you do nothing with a session, the session will be invalid on its own after an hour.
Alternatively, our SDKs offer options for revoking tokens, which may be what you're referring to when you talk about closing clients:
https://github.com/box/box-java-sdk/blob/master/doc/authentication.md#revoke-token
https://github.com/box/box-python-sdk/blob/master/docs/usage/authentication.md#revoking-tokens
For security purposes, you may want to explore that. If you want to for memory purposes I'm sure that'd be valid too, but generally you can either leave the token alone or explicitly revoke it.
Hope that helps!
Please sign in to leave a comment.
Comments
1 comment