Auth0 Home Blog Docs

Renew/refresh login on timeout

I am using the PHP auth0 library https://github.com/auth0/auth0-PHP/blob/master/src/Auth0.php

I have a number of pages where the user can wait while ajax calls are processed - which then fail because getUser() returns null.

my JWT expiration token is set to the default of 10hrs.

Do I need to add ‘offline_access’ to the scope and periodically renewTokens to avoid this or is something else going on?

Yes, you are absolutely correct to use the offline_access scope. This will give you also a Refresh Token back, which you can then use to acquire a new Access Token with the same scopes as the previous, expired one.

However, you don’t need to periodically need to run the refreshToken method but only in case when you get an error back from the resource server you’re calling due to an expired access token. In this case, renew the access token, call the backend again with the renewed one.

General docs on Refresh Tokens:


1 Like