Auth0 Home Blog Docs

Keeping the user signed in

session
access-token
checksession

#1

Hey guys,

I jave a single page application and I’m using Auth0JS to keep the user session. The max access token expiration I can set on the API is 1 day. I need to find a way of making the user logged in for at least one month (for my product, it makes no sense to require user/pass every day). I know I can renew the token before it expires, but that requires the SPA to be open. Is there a way of accomplishing this by creating a session thru my backend? Any other options?


#5

Even if your access_token has expired, that doesn’t mean your session has expired. If you call webauth.checkSession, it will get you new tokens, as long as the session in Auth0’s servers haven’t expired. So, if you know that the access_token has expired, call webauth.checkSession to get a new one. If it returns login_required, that means that the session has expired, so the user will have to login again. More info: https://auth0.com/docs/libraries/auth0js/v9#using-checksession-to-acquire-new-tokens