Configuring auth0 session duration


  1. Am I correct in saying the auth0 session (ie the session that controls how often a user has to login again, when the /authorize endpoint is called) is different to the identity token “iat” and “exp” claims? Assuming of course that the logout URL has not been called explicitly…
  2. Is it possible to configure how often a user has to re-login to Auth0?



Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?