Avoid session expiration

Hi @MrRennen

Long lived sessions are an enterprise feature. With the upgrade, you can have sessions up to 100 days inactivity timeout and 1 year absolute timeout.

For the 1 day issue, I would need to know what is triggering the re-log-in. Are you using a redirect flow (auth code + PKCE most likely) to log in?

If you are using ROPG, then you’ll need to use a different approach (the refresh token approach), as the Auth0 session is not created with ROPG.

But ROPG is NOT recommended (and not just by Auth0, but by the industry in general).

Which one are you using (ROPG or a redirect flow)?

John