<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009a0FnSCAUOkta Classic EngineAuthenticationAnswered2025-12-21T09:00:22.000Z2023-08-23T17:56:17.000Z2023-09-07T22:02:02.000Z

707ex (707ex) asked a question.

August 23, 2023 at 5:56 PM
Displaying a modal to the user warning that their session is about to expire

I'd like to display a modal to a user who's been inactive indicating that their session will expire in X number of minutes (and give them the option to logout/extend the session). I previously accomplished this using the expireEarlySeconds attribute in the TokenManager, but in more recent versions of okta-auth-js expireEarlySeconds is a development only attribute, so that's no longer working. Is there a recommended way to accomplish this?

  • 3 answers
  • 719 views

  • 707ex (707ex)

    Just to add, I'm using Typescript/React with okta-react 6.7.0 and okta-auth-js 7.2.0

  • paul.stiniguta1.508386743840768E12 (Okta, Inc.)

    Hello @707ex (707ex)​ Thank you for reacting out to our Community!

     

    I was able to find this similar question on the developer forum that might provide some inside on this issue:

    https://devforum.okta.com/t/how-to-implement-session-timeout-alert/10136

     

    Additionally if you need further assistance we recommend to leverage the Okta Developer forums for this type of questions and take advantage of their expertise.

    https://devforum.okta.com/

     

    Community members help others by clicking Like or Select as Best on responses. Try it today.

     

    💡 Community Moderator Tip: Join a group today and connect with other Okta customers by region or product.

    Expand Post

    • 707ex (707ex)

      Hi Paul, thanks for sharing that. The original poster's question is exactly what we're trying to accomplish, but none of the responses actually answered his question. Even his own response is a little ambiguous. I'm hoping you can clarify Okta's intended way for these tokens to be used.

       

      To reiterate, what we're trying to do is display a countdown modal to the user letting them know how much time is left in their session. We currently have the access token set to expire ~5 minutes and 30 seconds before the id token. When the access token expires, we use an event handler for the expire event to display the countdown modal (which should display the time remaining in the id token). The user can then either choose to logout or renew the access token and continue with their session. Can you confirm if this is in line with Okta's recommendations?

       

      That aside though, there are still 2 big discrepancies between the settings in our dashboard and the behavior we're seeing. I've already confirmed that the user/group being tested are all correct.

      1. The refresh token is set to be unlimited, but in the authManager it has the same expiration time as the access token. The access token/id token expirations reflect our settings in the dashboard.
      2. With the refresh token and access token expiration times being the same, I would expect that after the access token expires, any renew call would fail. However, there's a roughly 15-20 second window after the access token's expiration in which we are able to successfully renew.

      Any light you can shed on these issues would be greatly appreciated.

      Expand Post
This question is closed.
Loading
Displaying a modal to the user warning that their session is about to expire