What will my workflow look like if I try to achieve the following?

I want to create a user management system wherein users register, log in, perform some actions abstracted by an API, and log out.
Users sign in with password and email/username.
The authentication system I want to achieve has the following goals.

  1. The API generates unique tokens for a user if he/she signs on on different devices or browsers.
  2. It verifies the token on every request, maybe using Auth headers.
  3. It invalidates a token based on some time, and on the expiry of that time it regenerates a token and refreshes it on the client side automatically. What if the client is inactive for a long time and the token expires? What should be done then?
  4. It logs the user out.

Hi @saqlain5544,

It sounds like you are describing general OAuth2 concepts and Auth0 features. I would suggest starting in our docs and getting a general understanding of how Auth0 works.
