Browsers, sessions & SPA quirks¶
The Cloud Digit Console is a single-page app — your browser loads it once and the UI updates without full page reloads after that. That's great for speed, less great for the occasional rough edge. This page covers what to expect, what to do when things misbehave, and how sessions actually work.
Supported browsers¶
| Browser | Minimum version | Notes |
|---|---|---|
| Chrome / Chromium | 110+ | Recommended; primary test platform |
| Edge | 110+ | Same engine as Chrome; fully supported |
| Firefox | 110+ | Fully supported |
| Safari | 16+ | Fully supported on macOS / iOS 16+; some animations are slightly different |
| Brave / Arc / Vivaldi | latest | Work fine (Chromium-based) |
| IE 11 | — | Not supported. Will display an unsupported-browser notice. |
Both desktop and tablet/iPad layouts are responsive. On phones, you can read and inspect resources, but resource-creation flows are designed for screens ≥ 768 px wide — provision from a laptop.
Recommended browser settings¶
- JavaScript: must be enabled
- Cookies: required (session token storage). Third-party cookies are not required.
- Local storage: required (theme preference, last-used project, transient UI state)
- Pop-up blocker: OK to keep on. If you click a button that opens a new tab and nothing happens, the pop-up blocker may be in the way — allow pop-ups for the Cloud Digit Console domain.
"The page is blank" — hard-reload fix¶
Occasionally, navigating between sections of the Console leaves the main pane blank or partially blank. This usually happens when the browser cached an older version of the SPA bundle but the API returns a newer schema, or when a deep-link is opened before the SPA has fully initialised.
Fix: hard-reload the page with Ctrl + Shift + R (Windows / Linux) or Cmd + Shift + R (macOS). The Console re-fetches everything and renders cleanly.
Hard-reload is harmless
The Console keeps no in-memory state that survives a reload — all data lives server-side. Hard-reload is always safe.
If hard-reload doesn't fix it, your next steps are:
- Open DevTools (F12) → Console tab and look for red error rows. Screenshot or copy the first one.
- Check that you can reach the Console domain (try
curlor another browser). - Open a support ticket with the error message + reproduction URL.
Session timeouts and re-authentication¶
Cloud Digit uses OIDC with Keycloak as the identity provider. Two relevant lifetimes:
| Token | Default lifetime | Behaviour |
|---|---|---|
| Access token | 5 minutes | Refreshes silently via the refresh token. You won't notice. |
| Refresh token | 8 hours | When it expires, you're sent back to Keycloak. SSO users usually re-auth silently; password users re-enter their password. |
| Idle session | 30 minutes | If you're inactive for 30+ minutes, the next click triggers a redirect to Keycloak. |
If you get unexpectedly bumped to the sign-in page mid-session, your refresh token expired. After signing in again, you'll land back where you were — the in-progress URL is preserved through the auth round trip.
Why so short?
Cloud Digit defaults to short token lifetimes for regulatory alignment (BB ICT 4.0 §9 — Access Control). If you find the frequency disruptive, an organization Owner can request a custom lifetime via support — typical accommodations are 4-hour or 8-hour access tokens with a 12-hour refresh window.
Signing out¶
The User menu in the top-right has a Logout entry. Use it explicitly when:
- You're on a shared / loaner machine
- You want to test a workflow as a different user (sign out, then sign in as them)
- You believe your session may have been compromised — sign out everywhere, then change your password
Closing the browser tab does not sign you out. The server-side session stays valid until the refresh token or idle window expires.
Multi-organization sign-in¶
If you belong to more than one organization, the User menu has an Organizations submenu. Switching:
- Click User menu → Organizations.
- The submenu lists every org you belong to, with your role per org.
- Click an org → the Console reloads with that org as the active context. The URL changes to reflect the new org ID.
Switching orgs doesn't sign you out and doesn't require you to re-enter credentials — your authentication is per-identity, not per-org.
Bookmarking pages¶
Console URLs are deep-linkable. You can bookmark any of:
/— your organization landing/organizations/<org-id>/settings— org-level settings (Owners and Admins only)/project/<project-id>— a project's dashboard/project/<project-id>/cloud/<service>— a specific service tab inside a project/project/<project-id>/account/financial— the project's financial page
When you visit a bookmarked URL while signed out, you'll bounce through Keycloak first, then be deposited at the bookmark.
Clearing local state¶
If the Console gets into a stuck state that a hard-reload doesn't fix (rare but possible):
- Open DevTools (F12) → Application tab → Local Storage → your Console domain → Clear All.
- Same tab → Cookies → your Console domain → delete all entries (you'll be signed out).
- Refresh the page — you'll be redirected to sign in again with a fresh state.
This is the equivalent of factory-resetting the SPA in your browser. The platform-side state is untouched; only client-side caches are wiped.
"It works in incognito but not in my normal browser"¶
That symptom almost always points at a third-party browser extension interfering — ad blockers and privacy extensions occasionally block legitimate analytics or session calls that the SPA relies on. To narrow it down:
- Disable extensions one at a time and reload the Console
- The first extension whose absence makes the Console work is the culprit
- Add an exception for the Console domain in that extension's settings