Auth Token issues on web app

Dear Comet Chat,
I’m currently working on an integration of CometChat into an existing platform of ours. So far I have our backend working that registers, deletes and keeps users up to date in the CometChat REST API, I am generating AuthKeys on user registrations and saving that to the DB. I’m planning on logging users in with that AuthKey. I switched to Chrome in order to have access to the Redux devtools for my app and started going through the documentation. When attempting to log-in in Chrome I get the following message: " The auth token is registered with another deviceId". I consistently keep receiving this error when I try to log-in with the key saved on my user in my database. What would be a solution to this? We’re only developing a javascript client, no other type of API will be used.

1 Like

Hello @beez,

Whenever you log in for the first time, we create a deviceId which are saved in the local storage and mapped to that particular AuthToken. We never delete deviceId [unless you clear the local storage] and AuthToken even if you logout from CometChat. Although a new deviceId is generated if you clear the local storage. If anywhere in your code, you are clearing the whole local storage, then you won’t be able to login using the previous AuthToken.

Ideally, the new AuthToken needs to be generated whenever a user is authenticated by your system. The API allows the creation of AuthToken during registration as most of the systems allow direct login for the newly registered users with explicit login.

Hope this helps!


Thank you for the response! This has been really helpful! A question: generating a new AuthKey on each login for each user is doable but will I ever hit a limitation of having too many AuthKeys on a user so do I have to factor in a way to delete old AuthKeys?

Edit: I can obviously store them in the session and make a request to the API to delete it if the user explicitly logs off but I’d like to know if I need to handle auth keys that expire due to session time out


Hi @beez,

There is no such limitation over number/expiry of authTokens. Also, they do not expire.

If you wish to delete them you can do it via dashboard or using REST API:

Warm Regards,

Ketan Yekale
CometChat Team


okay, thank you all for the information this was all great to learn!


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.