The Business Value of Refresh Token Expiration

robertino.calcaterra · December 1, 2020, 4:18pm

Auth0 introduces sliding sessions and absolute expirations for refresh tokens, taking web app security to the next level.
Read more…

Brought for you by @mgonto

robertino.calcaterra · December 1, 2020, 8:59pm

Please let us know if you have any questions!

zshift · December 1, 2020, 10:37pm

Note to the editor for this article: JWT stands for JSON web token, not Java web token.

diego.poza · December 2, 2020, 2:12pm

Thanks for reporting @zshift! We just fixed this.

konrad.sopala · December 3, 2020, 4:48pm

Thanks Diego for the headsup!

stephanie.chamblee · February 5, 2021, 2:07pm

This topic was automatically closed 27 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Do refresh tokens expire? Why is there an 'exp' attribute? Get Help jwt , access-token	3	4654	April 20, 2019
Refresh Token Absolute Expiration Clarification Needed Get Help login-experience , new-universal-login-experience	2	1362	May 29, 2023
JWT expiration 2 hours regardless of ID Token Expiration setting Get Help jwt , expiration	8	6563	August 7, 2020
Expires_in value is always 86400 SOLVED Get Help jwt , auth0 , expiration	3	16511	February 9, 2020
Id token expires_in different from JWT exp Get Help	6	6225	September 3, 2019