Andrew
Reputation: 6860
Is there a way to set an expiry on Firebase refresh tokens?
I understand that the ID token are JWT with an expiry. However, I am curious if there is a way to set some sort of expiry on the refresh token given by Firebase sign in that allows us to call Firebase to get a fresh ID token - AFAIK these never expire.
Upvotes: 0
Views: 61
Answers (1)
Frank van Puffelen
Reputation: 598678
Refresh tokens don't expire after a certain time interval. The Firebase documentation on managing user sessions says:
Refresh tokens expire only when one of the following occurs:
- The user is deleted
- The user is disabled
- A major account change is detected for the user. This includes events like password or email address updates)
But you can revoke the refresh token (since it's really just an OAuth2 token). See the documentation on revoking refresh tokens for more on that.
Upvotes: 1
Related Questions
- Firebase refresh-token expiration
- Create firebase auth token which never expires
- How to handle Firebase expiring authentication tokens on React Native
- How to handle custom firebase token expiry in Firebase 3.x.x
- how to handle firebaseauth token expiration?
- Firebase authentication tokens expiration duration
- Firebase auth set custom expiration time for custom token
- Firebase tokens expiration and best practice for handling refresh tokens
- How can I increase the expiry time of a Firebase token?
- Can I add an expiry date to a customToken with Firebase v3?