I’m using @auth0/nextjs-auth0 SDK in my Next.JS application and trying to enable refresh token rotation.
- I enabled Refresh Token Rotation on the Settings page. (Reuse Interval is 0 second)
- offline_access added to my AUTH0_SCOPE environment variable
But when I revoke the refresh token from the user, I assume my current user will be logout. But it’s not happening like that and users can continue using the application without error.
Can someone help me figure out what you’re doing wrong?
- Which SDK this is regarding: @auth0/nextjs-auth0
- SDK Version: 1.9.0