Ready to post? 
First, try searching for your answer.
Hello,
If the refresh token rotation for an application is not configured in the settings page, how long would the refresh token be valid?
i.e., Is it valid forever (can be exchanged for new access tokens forever) or valid only for a certain period of time before asking for a new login (e.g., 90 days).
Thanks, Selva
Hi there @Selva !
Unless you set an Absolute Lifetime in the “Token Settings” of your application in Auth0, the refresh token is valid indefinitely.
1 Like
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.