Run the auth0-angular-samples application with the auth0 application client config and run the application. Login to applications with your auth0 credentials on Chrome browser in 2 different tabs with the same user. In one tab log out the user and move to the second tab.
Observation:
- If no action is taken on the second tab after a certain amount of time the app logged the user out.
- Once switch to the second tab and performs some action or route navigation, the token call is made and a new access token, and refresh token is received in the response and the application performs as normal. But if the page is refreshed at any point, then the application in the second tab gets logged out.
Is this an expected behavior? If so then when any action is taken and a new access and refresh token is provided why does the application log out on page refresh?
Configuration:
- Using the default sample application
- Refresh token rotation is enabled
- Reuse Interval: 5 secs
- Absolute Expiry: 43200 secs
- Inactivity Timeout: 43119 secs
- ID token expiration: 60 secs
- API Token Expiration: 60 secs
- API Token Expiration For Browser Flows: 60 secs
- Allow Offline Access: Enabled