Background:
I’m prepping my classic universal login page for the upcoming 1-hour expiration. Because we’re not on the new universal login, users will get redirected to our generic error page (not any default or client specific initiate_login_url) when the log in transaction has expired. The expiration right now is 3 days but more like 2-3 hours in my experience. I am adding some javascript to the login.html page to set a pre-login session expiration that once triggered will warn users and provide a link to restart the login flow. This seems like a better ux for users.
My question: Because we have multiple apps/clients (web/native) with their own initiate_login_url, would it be enough to just call window.location.reload() vs create branching logic to figure out the client_id and redirect to a url that will start the log in flow again? More specifically is Auth0 smart enough to handle this page reload and redirect the client caller with a new auth transaction state that preserves any other data that was passed to it? This seems like the right and easiest approach, if Auth0 can handle that.
I assume this works because I can start a login flow, let it sit for an extended amount of time, and when I reset it, the auth flow begins again and I get new values in my url query parameters, at least the state one.