Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check Refresh token expiration on the client #583

Open
hasan7n opened this issue Apr 19, 2024 · 0 comments
Open

Check Refresh token expiration on the client #583

hasan7n opened this issue Apr 19, 2024 · 0 comments
Labels
project: Core topic: misc type: enhancement New feature or request

Comments

@hasan7n
Copy link
Contributor

hasan7n commented Apr 19, 2024
edited

Some users are experiencing an "Unknown or Invalid refresh token" error. This may be caused when a user leaves the MedPerf client for a month, since the refresh token lifetime is 1 month, and the error above could happen when the refresh token is expired.

For a better user experience, the MedPerf client should keep track of the refresh token lifetime and instruct the user to login again if the existing refresh token has expired.

One TODO before this: check whether the 1 month lifetime is relative to the last login timestamp, or relative to the last refresh request. (Since we use Refresh token rotation). It's not clear from the Auth0 docs, so we may test this manually with small lifetimes using the development tenant.
@hasan7n hasan7n changed the title Check Refresh token lifetime on the client Check Refresh token expiration on the client Apr 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
project: Core topic: misc type: enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hasan7n