Hi,
I have tried to set both the inactivity timeout and the Require log in after values to a low time frame. I also tried to set Token Expiration under Token settings to the same amount.
It is an Nextjs application.
It will not log out automatically.
When I look at the appSession cookie it is set to a time longer into the future than expected.
Additional info. This is a project that I recently took over, so I didn’t set up the Auth0. Also meaning that I’m not 100% familiar with either the project or the auth set up.
Appreciate all help and guidance!
Hi @gautelorentsen,
Welcome back to the Auth0 Community and sorry for the late reply.
In NextJs the appSession cookie is still valid after a successful logout since this app session cookie is stateless. This is the expected behavior and there is no built in handler for this use-case in the Next.js SDK, however silent authentication can be configured. Please check out the guidelines from our Knowledge Article on how to sync sessions with Auth0 when using the NextJS SDK.
I would also definitely recommend having a look over this community post for more details and solutions regarding your issue.
I hope this helped.
Thanks,
Remus