I would like to force users to log out unless they are active within 15 min. I’ve made adjustments to Log In Session Management in Tenants settings and it worked perfectly fine while I was using opaque access token.
But I noticed the access token I gained remains valid long after 15 min. I’ve learned that currently there is no way to change the expiration time for opaque token so I switched to JWT by providing
audience param to Auth0Provider and configure its expiration time in APIs to 900 sec.
However, after that Inactivity timeout stops working and I get
"401: Unauthorized" error because the token expires and the app failed to request reauthefication.
Any ideas why and how I could fix it?