Auth0 Home Blog Docs

Token expiry stuck at 7200 seconds




I have set id token expiry (JWT expiration) to 36000 seconds and access token expiry on API for browser flow to 1800 seconds. Yet when i get these tokens on javascript side, both are set to expire in about 2 hrs.

What am I doing wrong?



Can you provide a bit more information on your authentication request? Maybe share a snippet of code?


This happens also to me. I am using Auth0Lock V11.3.1.

      auth: {
        responseType: 'token id_token',
        params: {
          connectionScopes: {
            connectionName: [ 'openid', 'user_metadata', 'app_metadata', 'picture' ]



I have the same issue since we upgrade to version 9 of Auth0.js.
The client has been configured to use an expiration duration of one day, the token we get back only lasts for 2 hours.

In de callback url i can find following parameter: &expires_in=7200


I am having this exact issue, but I am using Lock, and I’m migrating from Lock 10 to Lock 11 and from id tokens to access tokens. No matter what parameter I change, I can’t get the expiry time to change


Hi Ricardo, Apologies for my late reply. Umm… would you like me to share my code with keys etc? Is there a secure place to share please?



For anyone else struggling with this, make sure your API settings are also changed from the default 7200. The exact field is “Token Expiration For Browser Flows (Seconds)”. It doesn’t matter what your application’s expiration settings are, they are overwritten by the specific API you’re requesting access to, in your “audience” param.