# Refresh SSO Session

div
div
Backend API
> Extends one or all SSO sessions for a user on request of an external service


## Description

This step refreshes the time-to-live (TTL) of one or more active SSO session tokens for a given user, in response to a request from an external service. When the external service sends a session refresh request, this step renews the relevant sessions' tokens, to avoid breaks in user experience.

You can configure the step to refresh either a specific session or all sessions associated with a user—by providing a `Session ID` to target a single session, or a `User ID` to refresh all active sessions for that user.

If the step succeeds, it branches to a Complete journey step and refreshes the relevant sessions. In case of failure, the error is exposed in the `error` output variable and the step allows you to define the desired behavior in your journey logic.

## Configuration

div
| Field | Description |
|  --- | --- |
| **Action settings** | Defines whether to refresh the session token on a specific session or on all active sessions associated with the user. |
| **User ID** | (when `All Sessions` is selected) ID of the user whose sessions should be refreshed. |
| **Session ID** | (when `Specific Session` is selected) ID of the SSO session to refresh. |
| **Keep Alive Duration** | Defines the new session duration, in seconds. This value overrides the existing TTL. If not specified, the new session duration defaults to the **Session timeout** configured in the [SSO client group settings](https://portal.transmitsecurity.io/sso-and-federation/service-definition/client-groups). |


### Example: Keep session alive during long-running activity

A bank runs a real-time trading platform where sessions may remain active for hours without user interaction.

To prevent session expiration, the bank's session manager periodically triggers a Mosaic journey that refreshes the user’s SSO session using the **Refresh SSO Session** step, configured with the current `Session ID`.

If successful, the user continues uninterrupted. If not, the journey captures the error to inform subsequent flow logics.