Prerequisites
- An Auth0 account and tenant
- An application registered in Auth0
- An API (resource server) configured in Auth0
Step 1: Configure Anonymous Sessions for your tenant
Set the anonymous session lifetime and token format at the tenant level.
- Navigate to Dashboard > Settings > Tenant Settings > Advanced.
- Scroll to Session Expiration.
- Enter a value for Anonymous Session Lifetime (in seconds). Auth0 recommends 30 days or longer for most applications.
- Select whether to use JWE (encrypted) or JWT (plain) for session tokens. Use JWE in production to prevent clients from reading token contents.
- Select Save.
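The difference between the two token formats, as an added example (not Auth0's code): the function reports what a party holding only the token, with no keys, can read from a compact JWT versus a compact JWE. The sample tokens, the key and the claim names `sid` and `cart_items` are constructed for illustration and are not Auth0's actual session token layout; the JWE sample has the correct five-part shape with random bytes standing in for real ciphertext.

```python
import base64, hashlib, hmac, json, os

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def client_view(token: str) -> dict:
    """Report what a holder of the token alone (no keys) can read."""
    parts = token.split(".")
    if len(parts) not in (3, 5):
        raise ValueError("not a compact JWT or JWE")
    header = json.loads(b64url_decode(parts[0]))  # header is readable in both formats
    if len(parts) == 3:
        # JWS compact form: header.payload.signature, payload is only base64url-encoded
        return {"format": "JWT", "header": header,
                "claims": json.loads(b64url_decode(parts[1]))}
    # JWE compact form: header.encrypted_key.iv.ciphertext.tag, payload is ciphertext
    return {"format": "JWE", "header": header, "claims": None}

def sample_jwt(claims: dict, key: bytes = b"constructed-demo-key") -> str:
    """Build a constructed HS256-signed JWT carrying the given claims."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url(sig)}"

def sample_jwe_shape() -> str:
    """Build a constructed JWE-shaped token; random bytes replace real encryption output."""
    head = b64url(json.dumps({"alg": "RSA-OAEP-256", "enc": "A256GCM"}).encode())
    return ".".join([head] + [b64url(os.urandom(n)) for n in (256, 12, 64, 16)])

CLAIMS = {"sid": "constructed-session-id", "cart_items": 3}  # constructed claims

if __name__ == "__main__":
    print(client_view(sample_jwt(CLAIMS)))   # claims fully visible to the client
    print(client_view(sample_jwe_shape()))   # only the protected header is visible
```

Running `client_view` on a session token issued by your tenant is a quick way to confirm which format is in effect after saving the setting.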
Step 2: Enable Anonymous Sessions for your application
- Navigate to Dashboard > Applications > Applications and select your application or create a new one.
- Select the Settings tab.
- Scroll down to Anonymous Sessions.
- Toggle Enable Anonymous Sessions to on.
- Select Save Changes.
Step 3: Enable Anonymous Access for your API
- Navigate to Dashboard > Applications > APIs and select your API.
- Select the Settings tab.
- Scroll to Anonymous Access.
- Toggle Allow Anonymous Access to on.
- Select which scopes are available to anonymous users.
- Select Save.
Step 4: Create your first anonymous session
Make a POST request to the /anonymous/token endpoint:
Step 5: Update the session with metadata
Include the session_token from the previous step to continue the same session and add metadata:
Next steps
- Transfer Anonymous Sessions to Users — Migrate guest activity to authenticated accounts on sign-up or login.
- Claims Mapping — Include session metadata in access tokens without writing Actions code.
- Anonymous Sessions Best Practices — Security and performance recommendations.