October 28, 2020


A test account just produced a HTTP 404 - Unauthorized while requesting an apk download from Google Play. Turns out, its session cookie had expired. The session in question was created May 30 01:15 (I need to stop pulling these all- nighters) and lasted till today(ish - pretty sure, it was in use yesterday). So, the session TTL for Google accounts seems to be around 150 days.

Not sure if there’s a renewal mechanism, other than running through the login process again (highly doubt it, though). Android users typically won’t notice when their session expires. The system’s account manager just automatically logs in again.