Upcoming ACS changes: user session and geo query

Computer Science as a Abstract Background Art

We try to be as transparent as possible about important changes that could impact your development. To that end, we are planning to roll out two ACS changes in next couple of months that may impact your application.

Application User Session Expiration

An application user session never expires today.  We are introducing the policy of expiring and removing sessions that have been inactive for 6 months.

How does it affect your application?  If your application logins a user and saves the session_id, normally stored in a cookie, every time it makes a REST call to ACS using the same session_id, the expiry clock is reset and the user gets another 6 months. As long as the ACS user is active using the same session_id within 6 months, there is no impact on your application and current logged in user. If an application user is completely inactive for 6 months or more, this user session is removed and any subsequent ACS call that requires user login such as create.json, update.json and delete.json will get a 404 error. We recommend your application can handle an invalid user session error and prompts a login screen to the user to login again.

Geo Query

ACS also currently supports MongoDB’s $nearSphere Geo Query.  Geo Query requires a field to be indexed with a geo index.  The ACS fields you can perform $nearSphere on are lnglat (pre-defined location data and only available in places and events) and coordinates (list of custom defined location data and available in all objects).  It implies that places and events have two geo indexes in the same collection and that prevents us from supporting $geoNear operation that is more powerful than $nearSphere.  We will consolidate lnglat value with coordinates values and remove geo index on lnglat field.

How does it affect your application?  For events and places, even if you never explicitly copied lnglat value to coordinates, lnglat will appear as the first element of coordinates.  Performing $nearSphere on coordinates field will return a match if it matches the lnglat value.  $nearSphere query on lnglat or coordinates will continue to work as before.


Please post your questions on Appcelerator Q&A forum with “ACS” tag or leave your comments on this blog post.


  1. Cloud.Objects.create({
    classname: ‘flight’,
    session_id: currentUser.session_id,
    fields: {
    date: selectedDate.unix(),
    flightCarrier: carrier.value,
    flightNo: flightNo.value,
    “[ACS_User]user_ids”: usersOnFlight.join(‘,’),
    }, function (e) {
    if (e.success) {

    session_id here is being passed (logged in, then closed the app), reopened the App into a loggedin state, though I keep getting “Failed to authenticate user” when I make the call above.

    • I should not that currentUser is the samed object + session_id (from meta) that gets stored. When I trace out the session_id I do see it, and it is being passed, though I get the “Failed to authenticate user”

Comments are closed.