Hi, I am using Next js.
How to implement the logout of all users after a password change. I mean, I need to set a short access token lifetime and use revoke refresh token after password change. But I don’t know how to implement this with Next js (what settings I need to do or something else).
Thanks
Hi @eli2,
Welcome to the Auth0 Community!
You could use a Post Change Password Action to log the user out by calling the /v2/logout endpoint to force them to logout.
Here is the code snippet to accomplish this:
const axios = require("axios");
exports.onExecutePostChangePassword = async (event) => {
var options = {
method: 'GET',
url: 'https://YOUR_DOMAIN.REGION.auth0.com/v2/logout',
headers: {'content-type': 'application/json'},
data: {
client_id: "YOUR_CLIENT_ID",
returnTo: "LOGOUT_URL"
}
};
axios.request(options).then(function (response) {
console.log(response.data);
}).catch(function (error) {
console.error(error);
});
};
I have just tested this Action script and can confirm that it works.
See this doc to learn more about forcing users to log out of your application.
Please let me know if you have any questions.
Thank you.