We have an Electron client, which when logged out and being kept idle for a while and then when it tries to login again, it gets the “session_missing” error that shows the “Couldn’t complete your authentication request. Please try again after closing all open dialogs” message above the login dialog.
Is there any set of commands/API we should call before loading the auth0 login widget or maybe pass some additional parameters to the widget to avoid getting that error message? The only thing that works when getting that error message is to close and reopen the Electron app.
We do call the clearStorageData before loading the auto0 login dialog
Could you clarify if you see the user successfully logged out from Auth0 by checking your logs? You can log the user out by calling the /v2/logout endpoint.
I would also suggest checking your network activity to verify the behavior you are expecting.
You could pass the prompt=login query parameter to force the user to login again.
We do call the /v2/logout endpoint and it logs the user out, and we can call login back again and it will work just fine, the issue happens only if the electron app stays idle (so that the login dialog stays with its “initially used value” for a long while, and then, after an hour or so, if we enter user/pass and hit the login, we will get that error,
I looked at the network tab of dev tools and saw these two endpoints being called (I’ll post the response here too)
/usernamepassword/login , returns 400 with the following object:
{
"name": "ValidationError",
"code": "session_missing",
"description": "Session missing. Close all open login dialogs and try again.",
"statusCode": 400
}
and another call to /usernamepassword/challenge which returns some long string response “hKFo2SBVdVNKeUd3enJ3azg4a…”
And when this happens no breakpoints int the apps being triggered
Yes, that is an expected behavior that idling on the login page for too long will cause the session to expire and throw the “session_missing” error.
If you prefer, you can modify the Idle Lifetime settings in your tenant settings. For more information, see our Configure Session Lifetime Settings documentation.
Thanks, but on that link you gave I saw only the Idle Session Lifetime and the Maximum Session Lifetime, and none of them seems to be related to the idling on the login page or have I missed something?
Unfortunately, there isn’t a documented value for the idle timeout for the login page. But IRCC from my experience, it’s somewhere around 30 minutes, although I have not checked if this is still true recently.
In this case, we recommend refreshing the login page after X number of minutes of detecting the page being idle on the client side.
or have I missed something?