Expired Refresh Tokens in mobile apps

Izil · October 13, 2022, 12:52pm

Please include the following information in your post:

Which SDK this is regarding: Auth0.Android
SDK Version: 2.8.0
Hello,

How should mobile apps check if a refresh token has expired? Is it managed by the auth0 sdk?
Any answer would be appreciated.

tyf · October 15, 2022, 12:21am

Hey there @Izil welcome to the community!

This is managed by the SDK CredentialsManager - You can adjust the lifetime at the app level and we highly recommend using refresh token rotation. Basically, if a refresh token is not present (revoked) or expired, the SDK would just require the user to login again.

Some further reading

Hope this helps!

system · October 29, 2022, 12:21am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to check if refresh token is expired in mobile app? Help sessions , rotating-refresh-tokens	2	2587	April 6, 2023
How to generate New Token from refresh Token? Help auth0 , android	2	3467	August 29, 2019
Using the PHP SDK, is it necessary to check for refresh tokens? Help auth0-php , sdks-quickstarts	1	1534	June 8, 2023
Unknown or invalid refresh token before refreh token expires in mobile app Help identifier-first , login-experience	2	454	March 13, 2024
Auth0 unlink Refresh token Help auth0	4	3029	July 13, 2020

Expired Refresh Tokens in mobile apps

Related Topics