Is lock.checkSession supposed to catch this max_age thing? I’m using the auth0lock and on intiial login I see the max_age parameter getting passed to the authorize function (I’m setting it to 30 seconds right now for testing), what triggers this reauthentication, auth0 automatically (if so, on what function call)? or what?
Trying to figure out how to make use of the max_age parameter.
It seems like if I want to have different session ttls, I either need to use this max_age thing properly, or create new tenants (which I’d rather not).
When initialising a new Auth0Lock instance, you can try to add the options parameter:
new Auth0Lock(clientID, domain, options)
which holds the /authorize request’s query parameters (max_age parameter is supposed to be added to the /authorize request). There might be some limitations for a specific SDK in terms of supported query parameters.