If I leave the New Universal Login open for some time, I find that when I finally submit the form the login attempt is ignored and the form is presented again for me to reenter my credentials. I suspect that this is something to do with the state value “expiring” but the user experience is less than great. Can someone please confirm if this is expect functionality?
Hi @JonHarvey. That is the expected behaviour. The state parameter has an expiry. Off hand I don’t remember how long or it is adjustable. The state parameter is there to help prevent CSRF attacks.