Skip to content
Start project
Back

Anonymous Sessions using Node SDKs

  • 0
  • Auth
View on Discord
cerq
17 Jan, 2026, 21:48

I am attempting to use anonymous sessions with the Node SDK but I have simply no idea how to persist the session to a cookie, pass it to the session client, etc. The returned session object from account.createAnonymousSession doesn't include a secret parameter like the other authentication methods do to be stored in a cookie.

Curiously, I tested how anonymous sessions worked in the browser SDK (since there is no manual session management involved) and I found that the lack of a secret parameter is the same. However, the session cookie comes directly from the request via a Set-Cookie header. I don't know how to intercept this header from the call in the server SDK to be able to store the session secret since the library does not make it accessible from what I can tell.

One of my thoughts was to manually make an API call from the Node side and proxying the Set-Cookie to the client, but it seems like there should be a better way to do this.

account.createAnonymousSession() returns the following object. I have changed the value of some of the fields containing PII.

Any help would be much appreciated!

TypeScript
{
    "$id": "696c035d336054320f10",
    "$createdAt": "2026-01-17T21:47:09.220+00:00",
    "$updatedAt": "2026-01-17T21:47:09.220+00:00",
    "userId": "696c035d27ec559cbc5e",
    "expire": "2027-01-17T21:47:09.210+00:00",
    "provider": "anonymous",
    "providerUid": "",
    "providerAccessToken": "",
    "providerAccessTokenExpiry": "",
    "providerRefreshToken": "",
    "ip": "",
    "osCode": "",
    "osName": "",
    "osVersion": "",
    "clientType": "browser",
    "clientCode": "CH",
    "clientName": "Chrome",
    "clientVersion": "143.0",
    "clientEngine": "Blink",
    "clientEngineVersion": "143.0.0.0",
    "deviceName": "",
    "deviceBrand": "",
    "deviceModel": "",
    "countryCode": "",
    "countryName": "",
    "current": true,
    "factors": [
        "anonymous"
    ],
    "secret": "",
    "mfaUpdatedAt": ""
}
TL;DR
Developers are struggling to persist anonymous sessions created with the Node SDK to a cookie due to the absence of a secret parameter in the session object. The browser SDK handles this automatically via a Set-Cookie header but this is not accessible on the server side. One potential workaround involves manually making an API call from the Node side to proxy the Set-Cookie to the client, but a more optimal solution is sought. Solution: Currently, there is no straightforward solution presented in the thread. Developers may need to explore further or consider alternative approaches to managing anonymous sessions in Node using the provided session object.
Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more