How can I auto-signout after periods of inactivity?

Our current flow uses JWTs and at this point in the project, we cannot change that. How can I implement session-like functionality with auto-signout after periods of inactivity using JWT refresh tokens?
Is this already supported in the Auth0 library? I’m trying to get a clear picture of what the code should look like and the standard way to implement this.
We currently access the token in the middleware, but don’t know what to do from there.

Another important thing that I’m not sure how to get around is that when using withMiddlewareAuthRequired in the middleware, the middleware doesn’t run once the auth expires so I can’t redirect to sign out.

Hi,

You can do this by reducing the token expiration time based on your needs. Try this and let me know how it works, as I haven’t tried it myself.

Thanks,

Hi @royvivat

Welcome to the Auth0 Community!

Thank you @vigneshSivasamy for your contribution.

Inside you application’s settings, under the Refresh Token Expiration you can set the desired timeframe that a refresh token will expire due to inactivity as seen below:

image1000×464 32.7 KB

Take into consideration that the lifetime period is measured in seconds when modifying the values.

If you have any extra questions, feel free to leave a reply on the post!

Kind Regards,
Nik