Refresh token revoked on logging in on multiple devices
-
Refresh token in the first device logged in, is getting revoked when the same user is logged in on some other device/browser.
Why is this happening? I see no documentation regarding this behaviour of fusionauth anywhere.
Where can I change this configuration? -
Update: This behaviour is observed when the user logs in on same application in multiple devices.
-
I'm currently experiencing the exact same thing.
-
I have read your article, it is very informative and helpful for me.
-
Hmmm. Haven't run into this before.
The refresh token revocation behavior is documented here: https://fusionauth.io/docs/v1/tech/core-concepts/applications#jwt and here: https://fusionauth.io/docs/v1/tech/core-concepts/tenants#jwt
Can you provide a few more details?
- how are you logging the user in
- what are your refresh token settings for this application
- What is the
- what version of FusionAuth are you running
Thanks,
Dan -
-
User logs in through authorization code grant flow
-
Here goes the refresh token settings for the application:
- FusionAuth version being used is 1.36.6
Thanks,
Vindhya -
