Avoid session expiration

john.gateley · December 7, 2020, 3:35pm

Long lived sessions are an enterprise feature. With the upgrade, you can have sessions up to 100 days inactivity timeout and 1 year absolute timeout.

For the 1 day issue, I would need to know what is triggering the re-log-in. Are you using a redirect flow (auth code + PKCE most likely) to log in?

If you are using ROPG, then you’ll need to use a different approach (the refresh token approach), as the Auth0 session is not created with ROPG.

But ROPG is NOT recommended (and not just by Auth0, but by the industry in general).

Which one are you using (ROPG or a redirect flow)?

John

Topic		Replies	Views
Logout user once refresh token expires, instead of making call to /authorize endpoint to get new access and refreshtoken Get Help classic-universal-login-experience , login-experience	3	4208	February 16, 2023
Keep users logged in indefinitely; react Get Help jwt , access-token	14	9569	July 25, 2019
Urgent Help Needed - Issue with Auth0 Inactivity Time Not Working in React App Get Help sessions , authentication-sessions	2	1713	June 16, 2023
Rotating refresh token locking users out after expiry Get Help	5	6629	November 25, 2020
Keep users connected longer with JWT SPA Get Help	2	2373	January 13, 2021