Auth0 Home Blog Docs

Access_token expires in 24hours for newly created users

Hi, For our application when we any new user login to the application using auth0, the access_token gets expired in 24 hours but at the same time, access_token does not expire for users who logged in more than a few weeks ago. Is it due to any new changes on auth0 ?

Hi @nihalilu,

Access token expiration should conform to this schedule:

If you think you have found a bug, please let us know more about the setup you are using (what framework/language, how to reproduce)

Thanks,
Dan

I have modified token expiration time from 86400 seconds to maximum but still same case the token is getting expired automatically in 24 hours. This is something automatically happened, it was working fine until few weeks back.

Please let us know more about the setup you are using (what framework/language, how to reproduce).

This issue occurs after 24hours of account linking with alexa or action on google.

My understanding is this is unable to refresh token. This was working fine until few weeks ago. Then suddenly this started occurring. Is it because of any changes at Auth0 ?

Here is Authorization url-

https://[my-tenant].auth0.com/authorize?prompt=login

Token url-

https://[my-tenant].auth0.com/oauth/token

Attached screenshot of scopes being used and linking type is Authorization Code flow.

Is this because of any new changes at auth0 ?

I am not seeing any global changes that would’ve caused token expiration to be shortened. Which means this is likely either a bug or misconfig.

Please send me your tenant name in a DM.

I would like to ask again that you provide the information that I initially requested. Please let us know more about the setup you are using (what framework/language/SDK/Quickstarts/tutorials you used to build your app).

In addition, you can see your token expiration setting in your API settings:

We are using this for Account linking with Alexa and Google assistant.
Framework which we are using is https://cdn.auth0.com/js/auth0/9.11.2/auth0.min.js.
Also, I tried with https://cdn.auth0.com/js/lock/11.20/lock.min.js but the issue was persisting continued.

To get the userinfo we have written our code in C#, which gets the userinfo by sending bearer token at https://[my-tenant].auth0.com/userinfo
I shared tenant name in DM.

Note- This issue started few weeks back, earlier it was working fine.

1 Like

Everything in the tenant looks normal right now. Are you requesting a token with your api as the audience? Or just a standard token for the userinfo endpoint? If you post your code that could be helpful.

Can you provide me with a HAR file via DM of a login from one of the older users with the longer-lived token?