I am evaluating Auth0 as an identity provider for an authentication/authorization overhaul I am working on for a client. One of the requirements is that a user must be able to stay logged in for 6+ months. Really the time is arbitrary but 6 months it the minimum. I was reading this post for information:
however, I see that it has been closed and there was never any resolution. Can anyone tell me if the information in that post is still relevant and whether or not the functionality to adjust expiration times has been implemented?
The architecture is a multiple Single Page Application (SPA) website that functions as a single website with subdomains. Users should stay logged when moving between SPAs on different subdomains. The SPAs are supported via an API layer that we have complete control over.