We have configured a persistent idle session timeout of 2 hours,
but after being inactive for more than 2 hours or longer it gives an error stating "an error occurred during authorization flow", though as soon as after 2 hours it works. Why, after waiting for a long time of inactivity, do we get the "an error occurred during authorization flow" error instead of being logged out?
What could be the issue here? Any suggestions would be helpful.
Once the idle time of 2 hours is reached, the Auth0 session expires as intended, but if your application attempts a token exchange or silent authentication, the request is rejected because the session does not exist anymore. In this scenario, my assumption is that you do not have a redirection to the login screen implemented for such scenarios, hence why you are presented with the mentioned error message instead.
If the user interacts with your application after the 2-hour period, because the session has expired, the Auth0 server will likely return one of the following errors: login_required or consent_required. At this moment, if your application is not configured to catch these errors and explicitly trigger logout() or loginWithRedirect(), then you will receive the generic "an error occurred during authorization flow" error message.
My suggestion for fixing this behaviour would be to implement the logic in your application or SDK to catch the mentioned errors from the Auth0 server and trigger a redirect to the login page for the user.
I recommend reading through the following resources, as they can prove useful for further understanding such behaviours:
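An added example, not part of the reply above and not Auth0's own code, of the handling the answer describes: catch login_required or consent_required from a silent token request and send the user to an interactive login. It assumes `client` is an Auth0 SPA SDK client exposing getTokenSilently() and loginWithRedirect(); the function names, the `returnTo` key in `appState` and the stub client are hypothetical.

```javascript
// Added example. Error codes named in the answer above as the ones returned
// once the idle session has expired.
const REAUTH_ERRORS = new Set(['login_required', 'consent_required']);

// True when the error means "no usable session", as opposed to a network
// fault or misconfiguration that a fresh login would not fix.
function needsInteractiveLogin(err) {
  return Boolean(err) && REAUTH_ERRORS.has(err.error);
}

// Accept only same-origin paths as the post-login destination, so a crafted
// value such as "//host" or "/\host" cannot turn the login into an open redirect.
function safeReturnPath(path) {
  return typeof path === 'string' && /^\/(?![\/\\])/.test(path) ? path : '/';
}

// Ask for a token silently; on an expired session, start an interactive login
// instead of surfacing the generic authorization-flow error.
async function getTokenOrRedirect(client, currentPath) {
  try {
    return { status: 'ok', token: await client.getTokenSilently() };
  } catch (err) {
    if (!needsInteractiveLogin(err)) throw err; // do not mask unrelated failures
    await client.loginWithRedirect({
      appState: { returnTo: safeReturnPath(currentPath) },
    });
    return { status: 'redirected', reason: err.error };
  }
}

// Constructed stub standing in for the SDK client so the example runs offline.
function makeStubClient(errorCode) {
  const calls = [];
  return {
    calls,
    async getTokenSilently() {
      if (errorCode) throw Object.assign(new Error(errorCode), { error: errorCode });
      return 'constructed-token';
    },
    async loginWithRedirect(options) {
      calls.push(options);
    },
  };
}
```

Errors other than the two session codes are rethrown on purpose, so that outages and configuration faults stay visible in logs rather than looping users through the login page.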