Automatically logging back in after token expiration

We have a web app that uses the code auth grant, but doesn't use refresh tokens. We have one customer that says that when our app token expires and they are redirected to the login page, the login page doesn't automatically sign them back in. On the login screen, the ININ-Auth-Session cookie is set and doesn't expire for a couple days.

What scenario would cause login.pure.cloud to not automatically redirect to the application? Customer states that this does not happen with the GC UI.

If the auth cookie is set, I can think of two reasons it wouldn't auto-complete the login:

  • The auth cookie is no longer valid - the login server won't produce any visible errors/warnings (that I'm aware of) and will simply present the login screen. This could happen because it's simply expired (7 days TTL IIRC, but it's not publicly documented), and is probably shorter if the org is a HIPAA org.
  • Your app is using the prompt=login query param when issuing the redirect to start the auth flow. This param will force the login server/page to ignore the saved auth cookie.

Investigating the details of the auth cookie isn't something we can dig into in a public setting, but Care should be able to look into the sensitive information to see what's happening during the auth flow.
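
To check the second cause on the app side, the following added example (not code from the posts above or from the vendor) scans the authorization redirects an app issues and reports those carrying a top-level prompt=login. The host, path, client id and sample URLs are constructed placeholders, and treating the prompt value as a space-separated list is an assumption taken from OpenID Connect.

```javascript
// Constructed sample: redirect URLs as copied from a browser network log.
// Host, path, client_id and redirect_uri are placeholders, not real values.
const SAMPLE_REDIRECTS = [
  'https://login.example.test/oauth/authorize?response_type=code&client_id=app-1&redirect_uri=https%3A%2F%2Fapp.example.test%2Fcb',
  'https://login.example.test/oauth/authorize?response_type=code&client_id=app-1&prompt=login&redirect_uri=https%3A%2F%2Fapp.example.test%2Fcb',
  // Percent-encoded form of the same value; a plain substring search misses it.
  'https://login.example.test/oauth/authorize?response_type=code&client_id=app-1&prompt=%6Cogin',
  // "prompt=login" appears only inside another parameter's value, so it is
  // not a parameter of this request and must not be reported.
  'https://app.example.test/page?next=%2Fhome%3Fprompt%3Dlogin',
  'not a url',
];

// Returns the decoded prompt values of one URL, or null if it does not parse.
function promptValues(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return null;
  }
  // getAll covers a repeated parameter; the split covers "prompt=login consent"
  // (assumption: space-separated list, as in OpenID Connect).
  return url.searchParams
    .getAll('prompt')
    .flatMap((value) => value.split(/\s+/))
    .filter(Boolean);
}

// Returns one entry per redirect that would make the login page ignore the
// saved auth cookie, with its position in the input for cross-referencing.
function findForcedLoginRedirects(urls) {
  const hits = [];
  urls.forEach((rawUrl, index) => {
    const prompts = promptValues(rawUrl);
    if (prompts && prompts.includes('login')) {
      hits.push({ index, rawUrl, prompts });
    }
  });
  return hits;
}

for (const hit of findForcedLoginRedirects(SAMPLE_REDIRECTS)) {
  console.log(`redirect #${hit.index} forces re-login: ${hit.rawUrl}`);
}
```
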
