I have a React application where i can allow user to delete or enroll in different MFAs after the user is logged in.
They can go to a specific tab in my applications and do this
But i am generating a token with /mfa audience that has a 10 minutes expiration time and it’s not changeable.
How can i guarantee that i can have a refresh or something like this so my users dont be logged out after 10 min?