Hi All
I’m having a problem with users being logged out if they don’t visit my app within the token expiry time, I’ve followed all the instructions here https://auth0.com/docs/quickstart/spa/angular2/05-token-renewal and it appears to all be working correctly, however it doesn’t renew the token on application start as the user is logged out. The demo application displays the same behaviour, is there a fix for this? I would like my users to remain permanently logged into my app unless they explicitly logout.
Fergal.
@fergalmoran you should be able to acquire a new token in the background, even if the token has already expired when the user is still authenticated against Auth0 for your domain. checkSession
that is being called in the tutorial you linked to, performs silent authentication so the user is unaware it is happening. That is how we can achieve token renewals, depending on the session cookie expiration. I believe currently the tokens can be renew up to 3 days of user inactivity, this idle timeout is currently non-configurable. This is good for up to a total of 30 days, but by default this is set to 7 days under your tenant settings here.