00u5gu7qxDo1fy5QI2p1.5084172210329475E12 (Customer) asked a question.
We have an ASP.Net web application that uses the login widget. After the user logs in successfully, we have a “keep alive” that hits our web server every few minutes to make sure the ASP.Net Session does not expire if the user stays on a single page for too long. After about an hour, the “keep alive” request starts returning a redirect to our widget page, instead of the 200 OK response that we got for the first hour. I know that the Okta session is still active, because if we redirect to the login widget, the user is automatically logged back into our application without having to re-enter credentials. What causes requests to our website to get challenged after the user has already logged in and can I control it to automatically extend, like ASP.Net Session timeout extends each time the web server handles a request?
I think I found the settings to enable this. Does this sound like it will do the trick?
```
var cookieOptions = new CookieAuthenticationOptions
{
SlidingExpiration = true,
// default ExpireTimeSpan seems to be 14 days, so want to override that
ExpireTimeSpan = this.CookieExpireTimeSpan,
};
app.UseCookieAuthentication(cookieOptions);
var options = new OpenIdConnectAuthenticationOptions
{
// must set UseTokenLifetime to false to enable SlidingExpiration
UseTokenLifetime = false,
};
app.UseOpenIdConnectAuthentication(options);
```