Re-authenticating the user

Hi @amitudedhia,

Welcome to Auth0.

The token has an expiration, after it is expired you will have to request a new, valid token. This is one way to limit the user’s session. You can also implement silent authentication (it looks like you are trying this already), which will automatically renew the token based on a cookie or you can renew the token with a cached Refresh Token. This will depend on if you are treating your app like a SPA or native app. I think a chrome extension would be considered a SPA.

Unfortunately, we don’t have a lot of official documentation for how to implement these things in a browser extension, so you may run into some blockers because of that. There are some threads in the Community, you will find the search bar helpful.

This is where silent authentication comes in. You may find this thread useful, some users were able to work through longer sessions in a chrome extension.

https://community.auth0.com/t/sync-auth-state-between-multiple-applications-spa-chrome-extension/33994/23