Getting notified when the OKTA global session is not valid anymore

[boubou158]

Describe the feature request?

Hello,

So far, except if I am missing something, the only way to be notified that the OKTA global session is not valid anymore is to use

`this.oktaAuth.start();
const signin = await this.oktaAuth.signInWithCredentials({username: 'myUser', password: 'myPwdUser'});

const tokens = (await this.oktaAuth.token.getWithoutPrompt({sessionToken: signin.sessionToken})).tokens;

// Triggers tokens autorenewal mechanism
this.oktaAuth.tokenManager.setTokens(tokens);

this.oktaAuthStateService.authState$.subscribe((authState) => {
console.log(authState);
if (authState.isAuthenticated) {
// handle connection logic in the app
} else {
// isAuthenticated will be false if the global session is not valid anymore the moment the autorenewal mechanism triggers
// handle disconnection logic in the app
}
})`

With this approach, the issue is that it could happen that the okta global session is not valid anymore, BUT we still have to wait for the autorenewal mechanism to be automatically triggered, to be notified that the user is not connected anymore and should be disconnected. It means it could occur that user is not supposed to be connected anymore, but he is still connected on the app until the autorenewal triggers.

Is there any other way to handle the okta global session expiry?

Thanks and best regards

New or Affected Resource(s)

NA

Provide a documentation link

No response

Additional Information?

No response

[oleksandrpravosudko-okta]

Please note that by default authState.isAuthenticated value doesn't include a state of Okta session. You can modify it using transformAuthState callback to check if session is still valid. You could set your token(s) lifetime equal to session duration in Okta Admin panel to get notification when session expires.