Hello,
I’m using a typical PKCE hosted login setup initialized once at the top of the app with the following:
@okta/okta-auth-js: “5.8.0”
@okta/okta-react": “6.1.0”
const okta = new OktaAuth({
issuer: REACT_APP_ISSUER,
clientId: REACT_APP_CLIENT_ID,
redirectUri: window.location.origin + ‘/login/callback’,
pkce: true,
tokenManager: {
autoRenew: true
}
});
const restoreOriginalUri = async (_oktaAuth, originalUri) => {
history.replace(toRelativeUrl(originalUri || ‘/’, window.location.origin));
};
…
…
For the most part we have had no issues, however after deploying to several environments some users are complaining about being intermittently logged out. I use the application daily and cannot reproduce the issue. To rule out typical session expiration I set the sign in policy to over 8 hrs and was able to going an entire day without hitting an expiration break point as expected. At this point, I use so little of the API surface I am just learning what issues might be possible. I did convince one of the users to record an HTTP archive file and it shows a request made to the login URI made in the middle of a page that just has normal application logic.
There are support tickets in the past that exhibit some of the characteristics, but they could be out dated.
Without having gone through the component source code yet, it is possible that signInWithRedirect() is getting triggered by some error ?
What is the best way to log Okta related events that might uncover this problem ?
Is it possible with some custom hook to block the normal signout workflow with a guard so that its not triggered automatically ?