https://supertokens.com/ logo
Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Powered by
Title
i

ikak

02/23/2023, 5:41 AM
Hey everyone. I am using supertokens with nextjs and fastapi with custom ui and the expiration of cookies is really weird. First of all my 
st-last-access-token-update
, 
sAccessToken
, 
sFrontToken
are getting expired on 
Mar 29 2024
(after almost 1 year), while my 
sRefreshToken
is getting expired on 
Jun 03 2023
(after almost 4 months). I have even set the validity in core config file: 
refresh_token_validity: 144000
access_token_validity: 3600
r

rp

02/23/2023, 5:44 AM
hey @ikak those are cookie expiration times. Which is different from the actual token expiration time.
i

ikak

02/23/2023, 5:45 AM
But if I use the default ui, then the expiration time of the cookies is different.
r

rp

02/23/2023, 5:46 AM
hmm. That's odd
can you show me the sign in request's response headers?
and can you send the screenshot of the cookie store?
right. So i think this is a browser thing which sets it to a max of one year maybe. which is why it's setting to 2024. I'll have to check. That being said, the actual expiry of the token is checked based on the payload of the access token.
i

ikak

02/23/2023, 5:56 AM
Okay so that means the cookie's expiry is after an year but its value will expire after the time mentioned in core?
r

rp

02/23/2023, 5:56 AM
correct
i

ikak

02/23/2023, 5:57 AM
Okay thanks a lot
#support-questionsJoin Discord
Powered by