Refresh session and use different bigger local timeout than the session lifetime

lowkey_daisy · January 23, 2024, 4:03pm

Hi! I have a question and would really appreciate if someone could help me with it.

I have a use case where I would like to extend the session for more than 3 days, since the user will use the app offline and might become online after a week.
I’m using the express-openid-connect library in a SSR Nextjs app with an express router.
There’s no need for access tokens, so I’m just using the middleware in the endpoints to check that the user is authenticated, so only the id_token is really being used.

I saw that there’s a limit of 30 days for the session lifetime, but is there a way of refreshing and getting a new one without forcing the user to enter its credentials?

If not, is it possible to have a bigger absoluteDuration in the express-openid-connect settings than the session lifetime limit? What would happen?

Thank you!

dan.woda · January 25, 2024, 10:18pm

Hi @lowkey_daisy,

Welcome to the Auth0 Community!

Session lifetimes limits can be longer than 30 days, see this doc. There is a limitation based on which plan you’re on, and you’re not going to be able to extend the session past the limit on your plan.

Hope that helps!

system · February 8, 2024, 10:19pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.