Choose a mode
Create a wallet-backed session
.env file excluded from Git. sessionExpirationMs applies to the newly issued session; changing it does not extend an existing session.
Persist and restore explicitly
After sign-in,restorableSession contains the delegation header and private session-key material needed to resume access:
saveEncryptedSession() and loadEncryptedSession() stand for your infrastructure’s secret-storage calls. The session payload grants access until expiry, so protect it like a credential. Do not put it in a normal database column or log it.
Handle an invalid or expired session
Reject an unusable stored session, delete it, and establish a fresh wallet-backed session:AUTH_EXPIRED; create and sign in a wallet-backed client before retrying work that is safe to repeat.
End backend access
TinyCloudNode does not currently expose the Web SDK’s signOut() convenience method. To end local access, stop using the client instance and delete the stored restorable-session payload. This removes the backend’s credential but does not revoke copies that were exported elsewhere. Use the delegation lifecycle controls for separately issued delegations.
Session-only delegation use
Next steps
Verified against
@tinycloud/node-sdk 2.7.0-beta.2.