Do our users really get logged out if they don’t use our app every 3 days, regardless of any other session / refresh token settings? This is a nightmare user experience scenario for us.
Seems like a questionable (at best) tactic to get people to pay for a higher tier on Auth0, especially struggling bootstrapped startups like us that are trying to do everything they can to give users the best possible experience and retain customers. We don’t have the money to pay for an enterprise plan. Is there anything we can do? Other than hacking in an insecure workaround, like a backend “keep-alive” job, which would require us to store users’ refresh tokens.
Am I missing something here? There are a lot of other posts on the same topic, so I imagine I am not:
https://community.auth0.com/t/short-inactivity-timeout/57918
https://community.auth0.com/t/handling-short-inactivity-timeout/50405
https://community.auth0.com/t/auth0-increase-inactivity-timeout/75735
https://community.auth0.com/t/auth0-session-lifetime/59055
https://community.auth0.com/t/is-it-possible-to-use-auth0-for-long-term-web-authentication/20550/2
https://community.auth0.com/t/how-to-stay-logged-in-forever-ish/62926/10