You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Max-Age of the access_token should perhaps be explicitly set to be the same as the exp of the JWT, this way (hopefully?) mobile browsers will keep the access_token for longer . Right now the Max-Age attribute is unset, which translates to Session (At least that's what the dev console says), which causes mobile browsers to not save the token for long enough (Once the page switches to "Preview" the token seems to be gone which is rather annoying) (See this).
I'm not entirely sure if this is the best solution to my problem, perhaps refresh tokens would be a better solution? (I guess they're stored differently, rather than per-session? Even if not, it seems to be a more "secure" solution.
The text was updated successfully, but these errors were encountered:
The
Max-Ageof theaccess_tokenshould perhaps be explicitly set to be the same as theexpof the JWT, this way (hopefully?) mobile browsers will keep the access_token for longer . Right now the Max-Age attribute is unset, which translates toSession(At least that's what the dev console says), which causes mobile browsers to not save the token for long enough (Once the page switches to "Preview" the token seems to be gone which is rather annoying) (See this).I'm not entirely sure if this is the best solution to my problem, perhaps refresh tokens would be a better solution? (I guess they're stored differently, rather than per-session? Even if not, it seems to be a more "secure" solution.
The text was updated successfully, but these errors were encountered: