Browser credentials handling

Neo4j Browser relies on two things to avoid making users enter their credentials repeatedly.

The first is that the connection ensures that the existing database session is kept alive while Browser is open in a web browser tab. But this is subject to a timeout and once timed out, you have to log in again. The timeout is configured in the setting browser.credential_timeout. The timeout is reset whenever there is user interaction with the Browser.

The second one is that Browser can also cache the user’s Neo4j credentials locally. When credentials are cached, they are stored unencrypted in the web browser’s session storage. This means that you don’t need to re-enter your credentials if you refresh the page. However, if you close the tab, you need to log in again. For more information on session storage, see mdn documentation.

This local storage is also subject to the timeout configured in the setting browser.credential_timeout. In addition, caching credentials in the web browser’s session storage can be disabled altogether. To disable credentials caching, set browser.retain_connection_credentials=false in the server configuration.

If you issue a :disconnect command, any existing session is terminated, and the credentials are cleared from the local storage.

Query in Aura and Desktop

When using the built-in equivalent of Neo4j Browser, Query, in Neo4j Aura or Desktop, the credentials are handled by the Aura console and Desktop, respectively.