Access token minimum expiration time, API page or applications page?

What is the minimum token expiration time for a javascript SPA - I can’t find that information here?

The link above mentions configuring the expiration time on the API’s page - but what about the expiration time I can configure on the “applications page”. Could I just configure the JWT Expiration time here?

Thanks for helping out.

In Auth0, JWT token format is used for both access_token and id_token. You can change id_token life time from Applications section and access_token lifetime from API section.

See following video clip for difference between id_token and access_token.

1 Like

Ok, so something likes this can be concluded, for access tokens:

Token Expiration Token Expiration For Browser Flows
default value 86400 (1 day) 86400 (1 day)
min value 300 (5 min) 300 (5 min)
max value 2592000 (30 days) 86400 (1 day)*

)* can’t be greater than token expiration time.