Problem statement
As per the documentation, Redirect Actions will suspend the Actions pipeline when a redirect is issued.
How long will Auth0 suspend the Action before terminating the connection/request?
For example, in the following scenarios:
- Auth0 did not get a response from the external page.
- Auth0 got the response from the external page very late, e.g.; after 8/10 hours.
Solution
Since October 17, 2023, Auth0 enforces a maximum lifetime of 1 hour for authentication attempts. Transactions lasting longer than 1 hour to complete are expiring.
After the login attempt expiration, subsequent actions from the end user’s browser, e.g., a redirect back to Actions/Rules, will result in either:
- Redirect to the associated application’s default login route to reinitiate the flow as a new login transaction or
- Serve an error page if the default login route is not configured. The end user must return to the application to reinitiate the login transaction.