i am facing an issue with okta session api refresh when the application is in ideal state for more than 4 hr
i have set the sign-on rule to expire after 15 days if session is in ideal state but still when i leave application for over 6hour (mostly at night around 8pm and then interacts with application next day in morning around 9am)
even though the life time is much greater my okta session some how expires
how can i debug it
your help is much appreciated.
What type of application is this, is it an OIDC app? Does the session expiration at all align with your configured token lifetimes? Custom authorization servers can have custom lifetimes, while the Org server has hard-coded lifetimes, see What is the lifetime of the JWT tokens | Okta Help Center)
yes it is OIDC and
session expiration time is 30 days
and token expiration is default ie. 60 min
what i am getting is that session is still active (checked it with oktaauth.session.exist()) but when i try to get token with token.getWithoutPrompt() then i am getting OAuthError: The client specified not to prompt, but the user is not logged in.
this issue occurs when user comes to app after leaving it overnight
Why not use a refresh token to keep the user logged into the OIDC app? That way the application session is no longer reliant on the Okta session lifetime.
Can you please guide me to the configuration for okta-authjs for fetching refresh tokens
and to use it for renewing accessToken
Ensure that the app you are using has Refresh Tokens enabled as an allowed “Grant type”, found under Application → General → General Settings
As long as you configure the app to request the
offline_access scope, okta-auth-js will handle the token renewals for you (provided you have autoRenew enabled).
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.