Sunday, 1 September 2019

Remember me with OAuth2 in SPA

I know the concept of OAuth2 and OpenID. In our application, authentication happens through OKTA and we receive an access token in the response. Our architecture is a microservice architecture and we are using EmberJS on the frontend.
We have to implement remember-me functionality that will keep the user logged in for the next 30 days. I did some study on it and arrived at these points that will satisfy my requirements.

  1. Keep the user session active for 30 days in OKTA.
  2. Refresh the access token periodically based on its expiry time.

How will this refreshing work if the browser is closed? Let's say a user is logged in, closes the browser, then reopens it after 3 days.
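
The two points above, sketched as an added example that is not part of the original post: the check runs once when the app loads, so a token that expired while the browser was closed is renewed immediately, and login is required only if the provider-side session has ended. It assumes the access token is a JWT with an `exp` claim; `planRefresh`, `resumeSession`, `sampleJwt` and the `renew` callback are hypothetical names, and `renew` stands for whatever call obtains a new token from the identity provider.

```javascript
// Added example: planRefresh, resumeSession and renew are hypothetical names.
const SKEW_S = 60; // renew this many seconds before the token expires

// Read `exp` (seconds since epoch) from a JWT payload. No signature check:
// the SPA only needs timing, the APIs still validate the token themselves.
function tokenExpiry(jwt) {
  const parts = String(jwt || '').split('.');
  if (parts.length !== 3) return null;
  try {
    let b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
    b64 += '='.repeat((4 - (b64.length % 4)) % 4);
    const exp = JSON.parse(atob(b64)).exp;
    return Number.isFinite(exp) ? exp : null;
  } catch (e) {
    return null; // malformed token: treat as absent
  }
}

// Decide what to do with the stored token at time `nowS` (seconds).
function planRefresh(jwt, nowS) {
  const exp = tokenExpiry(jwt);
  if (exp === null || exp - SKEW_S <= nowS) return { action: 'renew-now' };
  return { action: 'schedule', delayMs: (exp - SKEW_S - nowS) * 1000 };
}

// Run once at app start, e.g. when the browser is reopened days later.
// `renew` asks the identity provider for a new token and rejects if the
// provider-side session (the 30-day part) has ended.
async function resumeSession(storedJwt, renew, nowS = Date.now() / 1000) {
  let jwt = storedJwt;
  let plan = planRefresh(jwt, nowS);
  if (plan.action === 'renew-now') {
    try {
      jwt = await renew();
    } catch (e) {
      return { state: 'login-required' };
    }
    plan = planRefresh(jwt, nowS);
    if (plan.action !== 'schedule') return { state: 'login-required' };
  }
  const timer = setTimeout(() => resumeSession(jwt, renew), plan.delayMs);
  return { state: 'active', jwt, timer };
}

// Constructed sample token (unsigned) for trying the functions offline.
const sampleJwt = (exp) => `${btoa('{"alg":"none"}')}.${btoa(JSON.stringify({ exp }))}.x`;
```
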



