The Business Value of Refresh Token Expiration

robertino.calcaterra · December 1, 2020, 4:18pm

Auth0 introduces sliding sessions and absolute expirations for refresh tokens, taking web app security to the next level.
Read more…

Brought for you by @mgonto

robertino.calcaterra · December 1, 2020, 8:59pm

Please let us know if you have any questions!

zshift · December 1, 2020, 10:37pm

Note to the editor for this article: JWT stands for JSON web token, not Java web token.

diego.poza · December 2, 2020, 2:12pm

Thanks for reporting @zshift! We just fixed this.

konrad.sopala · December 3, 2020, 4:48pm

Thanks Diego for the headsup!

stephanie.chamblee · February 5, 2021, 2:07pm

This topic was automatically closed 27 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Do refresh tokens expire? Why is there an 'exp' attribute? Get Help jwt , access-token	3	4655	April 20, 2019
Refresh Token Absolute Expiration Clarification Needed Get Help login-experience , new-universal-login-experience	2	1369	May 29, 2023
JWT expiration 2 hours regardless of ID Token Expiration setting Get Help jwt , expiration	8	6587	August 7, 2020
Expires_in value is always 86400 SOLVED Get Help jwt , auth0 , expiration	3	16568	February 9, 2020
Id token expires_in different from JWT exp Get Help	6	6269	September 3, 2019