Hello, I have a ReactJS application that uses the auth0-react library and use the basic implementation of the package. I want to implement Auth0 inactivity timeout, but upon following this doc (Session Lifetime Limits) and setting the timeout duration to 1 minute, I`m able to access protected endpoints (a minute passed). Am I doing it wrong or is there something missing that I need to include (both Auth0 config and React)?
Hi @kim1001,
Welcome to the Auth0 Community!
Are you using refresh tokens? Have you seen this doc? Inactivity Expiration with Refresh Token