Realtime authenticates using an existing user session. If you authenticate after creating a subscription, the subscription will not receive updates for the newly authenticated user. You will need to re-create the subscription to work with the new user.
More information and examples of authenticating users can be found in the dedicated authentication docs.
Permissions
All subscriptions are secured by the permissions system offered by Appwrite, meaning a user will only receive updates to resources they have permission to access.
Using Role.any() on read permissions will allow any client to receive updates.
Session lifecycle
When working with Realtime subscriptions and authentication, keep the following in mind:
- Create session first - Always authenticate the user before creating subscriptions that require access to protected resources.
- Re-subscribe on session change - If a user logs out and a new user logs in, you must close existing subscriptions and create new ones for the new session.
- Handle session expiry - If a session expires, subscriptions tied to that session will stop receiving updates. Listen for session-related errors and re-authenticate when needed.