Hello there ! Is it normal that the

Session.doesSessionExist()

called the refresh endpoint, event on a fresh private browser session with no supertokens related cookies ?

Hi @ronflai Do you see the refresh API being called on page load? or when you call

Session.doesSessionExist()

? The frontend SDK attempts to check for a session on page load which can result in a call to the refresh API

I can see the refresh API being called when we call the Session.doesSessionExist()

Right so it is expected for a refresh call to be made if you call doesSessionExist and there are no local tokens present

Is there any function that we can call to check if there is an existing "local session" before calling the API ? I ask the question because we are doing a lot of "not necessary" calls to our API and i we can prevent that would be great.

What SDK are you using for the frontend?

supertokens-web-js

You could switch to using headers instead if session cookies (you can refer to our docs for this). And then manually check if

st-access-token

is present in

document.cookie

we already using headers so we can indeed check for st-access-token in the cookies but I wanted to know why you're not doing that in the

doesSessionExist

before calling the API ?

Well the sdk assumes that you could have existing sessions with cookies (if someone migrated to using sessions after their initial launch)

Ok got it. Thanks