Pardon me if I have already presented the problem in other forms and questions but I am really trying to work around this. I have a client/api setup on Auth0 and using the new implicit flow. I can renew tokens using
renewAuthwhich I have implemented and got rid of refresh tokens in my web app. The problem is that there is a time limit on
renewAuth, which seems to be tied to the SSO cookie.
I need my users to be able to renew api tokens for a very long time, without bugging them with a login page. Currently it seems I can’t do it for more than 30 days, and what’s worse they have to login again if they don’t use my app within 3 days. I can somehow set the 1st parameter from the dashboard, but not the second.
This is unacceptable for my users and is creating a problem with my company in using Auth0. What I need is the same user experience provided by many sites, implicitly or with the “remember me/keep me logged in” flag.
As it is, the new
renewAuth flow is not a replacement for refresh token functionality. I really need this to be solved out, Auth0 please help with any suggestion/solution.