Session timeout using spring boot webapp

Hi Auth0 community

I’ve followed this spring boot quickstart and my webapp is now working with my Auth0 tenant using universal login.

I want to apply a session timeout of 15 minutes and force idle users to log in again.

I used to spring session timeout property to adjust the application timeout, and I see that an /authorize request is sent to my custom-domain auth0 tenant. But I get CORS error

Access to XMLHttpRequest at 'https://.../authorize?....' (redirected from 'http://localhost:8080/...) from origin 'http://localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

As I read here and here, this error is given since the authorize endpoint is not called properly since it is called directly from spring.

What are the available solutions for such deployment?

Hi @guy.hillel

Welcome to the Auth0 Community!

I am sorry about the late reply to your inquiry.

Regarding the CORS issue that you are receiving, most probably the login is server on a different origin than the one you are requesting it.
I would recommend to review these community posts:

• Cors Error No 'Access-Control-Allow-Origin' header is present on the requested resource - #8 by Alwin-dotcom
• Cors Error No 'Access-Control-Allow-Origin' header is present on the requested resource

Otherwise, you can modify the session lifetime within the Auth0 Dashboard or using the Management API.
You can refer to our documentation regarding this matter.

If you have any other questions, feel free to leave a reply or post on the community again!

Kind Regards,
Nik