For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
  • Getting Started
    • Introduction
    • How Verifa Works
    • Quickstart
    • Choosing an Integration Method
  • Use Cases
    • KYC Onboarding
    • Age Verification
    • AML Compliance
    • Fraud Prevention
    • Marketplace Trust & Safety
  • Core Concepts
    • Overview
    • Sessions
    • Verifications & Checks
    • Workflows
    • Identities
    • Cases
    • Screening & Reports
    • Lists
  • Integration Guides
    • Overview
    • JavaScript SDK
    • Web Capture Flow
    • API-Only Integration
    • Mobile SDK
    • Webhooks Guide
    • MCP Server
    • Migrating from Persona
  • API Details
    • Overview
    • Authentication
    • Pagination
    • Rate Limiting
    • Versioning
    • Errors
    • Webhooks
    • Idempotency
    • Key Inflection
    • Data Access
    • Data Retention
  • Tutorials
    • Creating Your First Verification Session
    • Creating a Workflow
    • Receiving Webhooks & Validating Signatures
    • Handling Webhook Events
    • Custom Document Types & AI Extraction
  • Best Practices
    • Testing
    • Preventing Duplicates
    • Fraud Signals
    • Changelog
  • API Reference
      • POSTRefresh the dashboard session cookie
API ReferenceAuthentication

Refresh the dashboard session cookie

POST
https://devapi.withverifa.com/api/v1/auth/refresh
POST
/api/v1/auth/refresh
$curl -X POST https://devapi.withverifa.com/api/v1/auth/refresh \
>     -H "X-API-Key: <apiKey>" \
>     -H "Content-Type: application/json" \
>     -d '{}'
1{
2  "refreshed": true
3}
Issues a fresh `vk_org_token` cookie for the currently authenticated dashboard user, extending the session for another 8 hours from now. The dashboard SPA calls this on a periodic timer (and on focus/route change) so users actively working in the app are not hard-logged-out when their original 8h JWT expires mid-task. The request body is empty — the caller is identified by the existing `vk_org_token` cookie. On success, the response sets a new `vk_org_token` cookie (httpOnly, Secure, SameSite=Lax, Max-Age=28800).
Was this page helpful?
Previous

Permanently delete the authenticated user's account

Next
Built with

Issues a fresh vk_org_token cookie for the currently authenticated dashboard user, extending the session for another 8 hours from now.

The dashboard SPA calls this on a periodic timer (and on focus/route change) so users actively working in the app are not hard-logged-out when their original 8h JWT expires mid-task.

The request body is empty — the caller is identified by the existing vk_org_token cookie. On success, the response sets a new vk_org_token cookie (httpOnly, Secure, SameSite=Lax, Max-Age=28800).

Headers

Verifa-VersiondateOptional

API version date string (e.g. 2026-02-01). If omitted, the version pinned to your API key is used.

Response headers

Set-Cookiestring

New vk_org_token cookie (httpOnly, 8h max-age).

Response

Session extended; a fresh vk_org_token cookie is set.

refreshedboolean

Errors

401
Unauthorized Error