Renew/refresh login on timeout

I am using the PHP auth0 library

I have a number of pages where the user can wait while ajax calls are processed - which then fail because getUser() returns null.

my JWT expiration token is set to the default of 10hrs.

Do I need to add ‘offline_access’ to the scope and periodically renewTokens to avoid this or is something else going on?

Yes, you are absolutely correct to use the offline_access scope. This will give you also a Refresh Token back, which you can then use to acquire a new Access Token with the same scopes as the previous, expired one.

However, you don’t need to periodically need to run the refreshToken method but only in case when you get an error back from the resource server you’re calling due to an expired access token. In this case, renew the access token, call the backend again with the renewed one.

General docs on Refresh Tokens:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.