The most important and used endpoints on most of the application I work on is the API. These are both public as internal API's. After we disabled the HTTP sessions for the API endpoints we saw a stability improvement.

If you don't need sessions, you can simple remove the following middlewares:


Sometimes you have multiple middleware groups (for example web & api). You should add above middlewares to the groups which use the session.

To see more information about how this works, take a look at:

Robin Dirksen

Robin Dirksen

On my blog you can find articles that I've found useful. This is just a simple blog built with Wink.