Session Persistence

Overview

Session Persistence allows workflows to maintain application state and user sessions across multiple test steps and workflow executions. This is critical for realistic end-to-end testing where tests need to maintain login sessions or application state throughout the workflow.

Why Session Persistence Matters

Tests execute exactly like real users - maintaining login sessions across multiple pages/actions.

How Session Persistence Works

Session Lifecycle

Workflow Start
  ├── Step 1: Login
  │   └── Session created (cookies, tokens stored)
  ├── Step 2: Navigate to Account
  │   └── Session maintained (credentials available)
  ├── Step 3: Update Profile
  │   └── Session still active (no re-login needed)
  └── Step 4: Logout
      └── Session ended

Without Session Persistence

Step 1: Login → Session created
Step 2: Navigate → Need to login again!
Step 3: Update → Need to login again!

With Session Persistence

Step 1: Login → Session created
Step 2: Navigate → Session active (logged in)
Step 3: Update → Session active (logged in)

Configuring Session Persistence

Enable Session Persistence

Open workflow
Click "Settings" or "Configuration"
Find "Session Management" section
Toggle "Enable Session Persistence" ON
Configure options (see below)
Save settings

Session Configuration Options

Session Persistence Settings
├── Enabled: On/Off toggle
├── Session Duration: Timeout after X minutes
├── Clear Between Steps: Keep or clear after each step
├── Share Across Workflows: Maintain between workflows
├── Cookie Storage: Browser / Server
├── Token Management: Auto-refresh tokens
└── Cleanup: Clear sessions after workflow

Session Types

Web Application Sessions

For Web-based testing:

Cookies

Maintained automatically
Browser-based storage
Persist across page navigations

Tokens (JWT, OAuth)

Automatically captured and reused
Headers included in subsequent requests
Auto-refresh if supported

Local Storage

Application state preservation
Cache maintenance
Session variables

Mobile Application Sessions

For Mobile testing:

App State

Navigation history preserved
In-app sessions maintained
App state persisted

Authentication

Token-based authentication maintained
Session cookies for mobile apps
Deep link sessions preserved

API Testing Sessions

For API workflows:

Authorization Headers

Bearer tokens maintained
Session tokens in requests
Custom headers preserved

Request/Response State

Responses available to subsequent requests
Authentication context maintained
Error states preserved

Session Data Management

What Gets Persisted?

Session Data Includes:
├── Cookies
├── Authentication tokens
├── Session IDs
├── Browser cache
├── Local storage
├── Session storage
└── Custom application state

What Gets Cleared?

Based on Configuration:
├── Sensitive data (passwords)
├── Temporary session files
├── Browser cache (optional)
├── Cookies older than timeout
└── Expired tokens

Real-World Examples

Example 1: E-Commerce Checkout Flow

Workflow: Complete Purchase

Step 1: Login
  ├── User credentials provided
  └── Session created (authentication token stored)

Step 2: Browse Products
  ├── User navigates product catalog
  ├── Session persisted (still logged in)
  └── Shopping cart state maintained

Step 3: Add to Cart
  ├── Item added to cart
  ├── Session used (user cart linked to session)
  └── Session state updated

Step 4: Checkout
  ├── Payment information provided
  ├── Session used (user account linked to order)
  └── Session expires after timeout

Example 2: Multi-Step Form

Workflow: User Registration

Step 1: Fill Page 1 (Personal Info)
  └── Session created

Step 2: Fill Page 2 (Address)
  └── Session maintained, form data preserved

Step 3: Fill Page 3 (Payment)
  └── Session maintained, all previous data available

Step 4: Submit
  └── Session used to link all form data

Example 3: API Workflow

Workflow: Order Management

Step 1: Authenticate API
  ├── POST /auth → Get token
  └── Token stored in session

Step 2: Create Order
  ├── POST /orders (with Bearer token from session)
  └── Order ID returned and stored

Step 3: Update Order
  ├── PUT /orders/{id} (with Bearer token from session)
  └── Uses Order ID from Step 2

Step 4: Get Invoice
  ├── GET /invoices (with Bearer token from session)
  └── Uses Order ID to retrieve invoice

Session Timeout Configuration

Setting Timeout Duration

Session Timeout Options:
├── 5 minutes (for short workflows)
├── 15 minutes (standard)
├── 30 minutes (longer workflows)
├── 1 hour (extended workflows)
└── Custom duration

Timeout Behavior

Inactive for X minutes → Session marked as expired
Next action attempted → Session refresh attempted
If refresh fails → Need to re-authenticate
If refresh succeeds → Workflow continues

Renewing Sessions

Auto-renew sessions:

Enable "Auto-renew on activity"
Each action resets timeout
Long workflows stay active
No manual re-login needed

Cross-Workflow Sessions

Workflow A: Create User
  └── Session ends (user created, logged in)

Workflow B: Verify User Email (runs immediately after)
  └── Should maintain session? (Configuration dependent)

Without Cross-Workflow Sessions:
  - Workflow B must login again

With Cross-Workflow Sessions:
  - Workflow B uses same session from Workflow A
  - No additional login needed

Enabling Cross-Workflow Sessions

Open workflow configuration
Check "Share sessions with next workflow"
Or enable at workflow chain level

Security Considerations

✅ Security Best Practices

✅ Use HTTPS for all secure connections
✅ Don't store passwords in session
✅ Use token-based authentication
✅ Set appropriate timeout values
✅ Clear sessions after workflow completes
✅ Use least-privilege test accounts
✅ Encrypt session data in transit

⚠️ Security Risks

⚠️ Session hijacking if not over HTTPS
⚠️ Leaked credentials if stored in logs
⚠️ Unauthorized access if session shared improperly
⚠️ Stale sessions consuming resources
⚠️ Sensitive data in session storage

Troubleshooting Session Issues

Issue: Session expires during workflow

Symptoms:

"Session expired" error mid-workflow
Need to re-login unexpectedly
Workflow fails at random steps

Solutions:

Increase session timeout duration
Enable "Auto-renew on activity"
Reduce workflow execution time
Check network connectivity
Verify no session timeout on server side

Issue: Can't maintain session across steps

Symptoms:

Each step requires separate login
Cookies not persisted
Session disabled after each step

Solutions:

Verify "Session Persistence" is enabled
Check "Clear Between Steps" is OFF
Verify cookies are enabled
Check for cookie restrictions
Review browser/app settings

Issue: Session not shared between workflows

Symptoms:

Second workflow doesn't recognize login
Session starts fresh each workflow
Multiple logins required

Solutions:

Enable "Share sessions with next workflow"
Verify workflows run sequentially
Check timeout between workflows
Verify cross-workflow configuration

Issue: Sensitive data in sessions

Symptoms:

Passwords visible in logs
Authentication tokens exposed
Session data readable

Solutions:

Review session storage settings
Enable sensitive data filtering
Use token-based auth instead of passwords
Check log redaction settings
Encrypt session data

Best Practices

✅ Do

Enable session persistence for realistic testing
Set appropriate timeout values
Use token-based authentication when possible
Test login/logout sequences
Clear sessions after each workflow run
Monitor session performance
Document session requirements
Use HTTPS for secure sessions

❌ Don't

Store passwords in sessions
Use default timeout values without testing
Share sessions across unrelated workflows
Leave long-running sessions active
Assume sessions work without testing
Log session data with sensitive info
Mix session types in same workflow
Forget to clean up sessions

Performance Impact

Memory Usage

Session storage uses memory:

Simple cookies: ~1-5 KB per session
Complex sessions: ~10-50 KB per session
Long-running workflows: Maintain for duration
Multiple concurrent: Multiply by number of workflows

Optimization Tips

Clear sessions between workflows when possible
Use appropriate timeout values
Don't store unnecessary data
Monitor session count and size
Cleanup old/expired sessions

Testing Session Persistence

Verification Steps

Login in Step 1
Verify logged-in state in Step 2 (no login required)
Check cookies/tokens persisted
Verify application maintains state
Confirm session expires correctly

Test Scenario

Test: Session Persistence

Prerequisites:
- Valid test user credentials
- Application with session support

Steps:
1. Login with credentials
2. Navigate to another page (verify still logged in)
3. Perform action requiring authentication
4. Wait for timeout duration
5. Attempt action (verify session expired or renewed)

Expected Results:
- Steps 2-3: User remains logged in
- Step 5: Session expires or auto-renews based on config

PreviousReports NextData Propagation

Last updated 11 days ago

hashtagOverview

hashtagWhy Session Persistence Matters

hashtagHow Session Persistence Works

hashtagSession Lifecycle

hashtagWithout Session Persistence

hashtagWith Session Persistence

hashtagConfiguring Session Persistence

hashtagEnable Session Persistence

hashtagSession Configuration Options

hashtagSession Types

hashtagWeb Application Sessions

hashtagMobile Application Sessions

hashtagAPI Testing Sessions

hashtagSession Data Management

hashtagWhat Gets Persisted?

hashtagWhat Gets Cleared?

hashtagReal-World Examples

hashtagExample 1: E-Commerce Checkout Flow

hashtagExample 2: Multi-Step Form

hashtagExample 3: API Workflow

hashtagSession Timeout Configuration

hashtagSetting Timeout Duration

hashtagTimeout Behavior

hashtagRenewing Sessions

hashtagCross-Workflow Sessions

hashtagScenario: Multiple Related Workflows

hashtagEnabling Cross-Workflow Sessions

hashtagSecurity Considerations

hashtag✅ Security Best Practices

hashtag⚠️ Security Risks

hashtagTroubleshooting Session Issues

hashtagIssue: Session expires during workflow

hashtagIssue: Can't maintain session across steps

hashtagIssue: Session not shared between workflows

hashtagIssue: Sensitive data in sessions

hashtagBest Practices

hashtag✅ Do

hashtag❌ Don't

hashtagPerformance Impact

hashtagMemory Usage

hashtagOptimization Tips

hashtagTesting Session Persistence

hashtagVerification Steps

hashtagTest Scenario

hashtagRelated Topics

Overview

Why Session Persistence Matters

How Session Persistence Works

Session Lifecycle

Without Session Persistence

With Session Persistence

Configuring Session Persistence

Enable Session Persistence

Session Configuration Options

Session Types

Web Application Sessions

Mobile Application Sessions

API Testing Sessions

Session Data Management

What Gets Persisted?

What Gets Cleared?

Real-World Examples

Example 1: E-Commerce Checkout Flow

Example 2: Multi-Step Form

Example 3: API Workflow

Session Timeout Configuration

Setting Timeout Duration

Timeout Behavior

Renewing Sessions

Cross-Workflow Sessions

Scenario: Multiple Related Workflows

Enabling Cross-Workflow Sessions

Security Considerations

✅ Security Best Practices

⚠️ Security Risks

Troubleshooting Session Issues

Issue: Session expires during workflow

Issue: Can't maintain session across steps

Issue: Session not shared between workflows

Issue: Sensitive data in sessions

Best Practices

✅ Do

❌ Don't

Performance Impact

Memory Usage

Optimization Tips

Testing Session Persistence

Verification Steps

Test Scenario

Related Topics