Hi
- Am I correct in saying the auth0 session (ie the session that controls how often a user has to login again, when the /authorize endpoint is called) is different to the identity token “iat” and “exp” claims? Assuming of course that the logout URL has not been called explicitly…
- Is it possible to configure how often a user has to re-login to Auth0?
Thanks
Ben