FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    If I have a PWA, how often to users need to login

    Scheduled Pinned Locked Moved Unsolved
    Q&A
    login refresh token
    1
    2
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • danD
      dan
      last edited by

      I have a progressive web app that I am authenticating against FusionAuth. I'll be getting a refresh token. How often do users need to reauthenticate with their credentials (username/password, etc)?

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      danD 1 Reply Last reply Reply Quote 0
      • danD
        dan @dan
        last edited by

        The short answer is however often you want, but at least once per device.

        You basically can set up your refresh token policy to have your refresh tokens live for a very long time (as long as you are comfortable with the security risk; make sure to secure the refresh token carefully). That is controlled in in the application configuration: https://fusionauth.io/docs/v1/tech/core-concepts/applications/#jwt

        Then, every time an access token expires, you can mint a new one with the refresh token. Here are the APIs you'd be interested in calling:

        https://fusionauth.io/docs/v1/tech/apis/jwt/

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        1 Reply Last reply Reply Quote 0
        • First post
          Last post