Hi,
I have a angular application using the latest Okta Angular SDK, 3.0.1.
I have decided to manually handle my tokens.
The logic I have is quite simple. After every 15 minutes I will renew the access code, store it in the localstorage, and after an hour when the idToken expires I will log them out.
// when idToken expires or clicking the logout button
let options: SignoutOptions = { postLogoutRedirectUri: environment.okta.postLogoutRedirectUri };
if (!!token.token) {
options = { ...options, idToken: token.token };
}
this.oktaAuth.signOut(options);
However, when I tried to log back in after an hour I see the 400 Okta error page but I won’t see this if I logout within the hour.
Only happens after an hour when the idToken has expired, weird?.
FYI
are you using PKCE-enabled flow? yes
is there a custom token lifetime policy set for access token? Yes, Access Token lifetime 15 minutes.
are you using refresh tokens? no.
which SDK and Angular version you are using? “@okta/okta-angular”: “^3.0.1” and Angular 9.
using session? no, not my decision.
Much Appreciated.