Auth0 SPA Session TTL Part 2

Continuing the discussion from Auth0 SPA Session TTL

Is lock.checkSession supposed to catch this max_age thing? I’m using the auth0lock and on intiial login I see the max_age parameter getting passed to the authorize function (I’m setting it to 30 seconds right now for testing), what triggers this reauthentication, auth0 automatically (if so, on what function call)? or what?

Trying to figure out how to make use of the max_age parameter.

It seems like if I want to have different session ttls, I either need to use this max_age thing properly, or create new tenants (which I’d rather not).

Hey there @nikhil.batta,

When initialising a new Auth0Lock instance, you can try to add the options parameter:

new Auth0Lock(clientID, domain, options)

which holds the /authorize request’s query parameters (max_age parameter is supposed to be added to the /authorize request). There might be some limitations for a specific SDK in terms of supported query parameters.

(Lock Configuration Options)

var options = {
  auth: {
    params: {state: 'foo'},

If added when initialising a new Auth0Lock instance, there’s no need to repet it when calling checkSession() method.

I didn’t test it myself but based on the documentation, these are the only supported parameters for the auth0-lock library.

If you have a chance to test it out, please let us know how it goes. Thanks!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.