Cookie size hit when adding several permissions
I noticed permissions are available in the access_token cookie. However, this seems to break the app once we reach the max cookie size 4kb. For example if I create an app and add over 50 permissions this seems to quickly hit the limit and cause the entire app to crash. Is there a better solution to dealing with large set of permissions?
1 Reply
Hey @pedropmedina,
Thanks for reaching out.
To address the issue of hitting the maximum cookie size, you can consider a few alternative approaches:
1. Reduce the Number of Permissions in the Token: Review and consolidate the permissions if possible. Use broader permissions that cover multiple actions instead of very granular ones.
2. Use Role-Based Access Control (RBAC): Instead of listing individual permissions in the token, assign roles to users and manage permissions based on these roles on the server side. This way, the token only needs to contain role information, which is usually much less data than individual permissions. You can customise the token in Kinde to include roles (see this doc).
3. Reduce the permission key names: Using smaller key names for permissions to reduce the size of the access token and avoid hitting the maximum cookie size limit.
Implementing one or a combination of these strategies should help you manage large sets of permissions without exceeding the maximum cookie size and impacting the performance and stability of your application.
Let me know if you have any further questions.
Kinde docs
Token customization
Our developer tools provide everything you need to get started with Kinde.