Re authentication auth_time does't exist

aly.sabry · July 5, 2021, 1:29pm

Hi auth0,

I am using GitHub - auth0/auth0-spa-js: Auth0 authentication for Single Page Applications (SPA) with PKCE loginWithRedirect function and passing in a max_age:0 parameter to re-Authenticate a user as mentioned here https://auth0.com/docs/login/max-age-reauthentication#limitations-of-prompt-login-parameters

problem: The id Token i get back using getIdTokenClaims() doesn’t include an auth_time field that shows the last authentication. I have also tries including prompt=“login”

Thanks

thameera · July 9, 2021, 6:52am

Hey @aly.sabry , I just checked this with the latest spa-js SDK and getIdTokenClaims() returned auth_time, so I’m guessing there’s something going wrong in your setup.

Some things to check:

Open the Network tab in browser’s dev tools before starting the authentication. Now try to login and you will see an /authorize request in the list. Click on that and verify that max_age=0 is being passed as a query parameter there.
Get the raw ID token and paste it in https://jwt.io. Check if the parameter is present in the body.

Here’s the code I used btw:

await auth0.loginWithRedirect({ max_age: 0 })

system · July 24, 2021, 6:52am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.