I’m sorry if this question has been answered already, I’ve not been able to find one that relates to our issue.
We are using the Implicit Flow and use
checkSession() to renew the token when the current token has expired, which is working well.
However, we’re a little confused as to when
checkSession() eventually stops working and we get the impassable
login_required. Generally, this happens when I come back to my development machine in the morning, after a 12+ hour break.
We had assumed that this was connected to the timing values in the following fields:
- API > token expiration
- API > token expiration for browser flows
- Applications > App > JWT expiration
However, if we set them all to 20 seconds we still don’t get the
login_required message as we thought we would, after 20 seconds.
Could someone explain:
- why the updated timings don’t seem to have an effect on the
- what we need to do to fix this
- what the rationale is behind the full login and
- how we should handle that in the app to minimise user disruption (the user will lose their current state if they have to go through the login flow again)
Is there a bit of the docs we should read to understand this?