amazon-cognito-auth-js icon indicating copy to clipboard operation
amazon-cognito-auth-js copied to clipboard

Published 20 hours ago verified publisher icon amazon-archives

Session expired after 60 minutes

Open boyuan459 opened this issue 7 years ago • 2 comments

I have a Single Page Application written by React + Redux + Router. The session expired after 60 minutes even I run getSession every 15 minutes. So I need to login every hour, is there any way to extend the session for 8 hours.

boyuan459 avatar Mar 30 '18 06:03 boyuan459

Hi @boyuan459, are you using implicit grant flow? Its response_type is token. Then you will only get id_token and access_token when you signed in. These two kind of tokens are valid for an hour.

You can use authorization code grant flow(response_type is code), then the Auth SDK will exchange code for all three kinds of tokens(including refresh_token). If refresh_token is valid, it will refresh tokens for you. You can set refresh_token validity(up to 3650 days) when create app client on Cognito console.

yuntuowang avatar Apr 03 '18 23:04 yuntuowang

Related to issue: https://github.com/aws/amazon-cognito-auth-js/issues/92

@yuntuowang why Cognito doesn't support prompt=none for enabling silent refresh for SPA applications?

luomavaltteri avatar Jul 11 '18 09:07 luomavaltteri