Users are likely getting logged out of your app because their tokens are expiring overnight. When using our React and Auth JS sdks, you are securing your application via OAuth/OIDC tokens and only their lifetimes matter when it comes to your application session.
You may want to look into using refresh tokens in your app to keep your user’s logged in longer. The SDKs support this OOTB, but you will need to
- request the offline_access scope in your app
- update your Application settings in Okta to permit the “refresh token” grant.
- Depending on the Org you are testing in, this may require you to enable an EA feature called “refresh token rotation,” which can be found in your Admin console under Settings → Features
PS, the ‘remember me’ checkbox only saves the user’s username as a cookie so it can be pre-populated for them next login. It has no effect on the user session in your app or in Okta.