authentication oauth-2.0 identityserver4 openid-connect refresh-token

Does IdentityServer4 have a mechanism to alert a user their refresh token is about to expire?

Currently my solution has refresh tokens with sliding timeout of 1 hour, and an absolute timeout of 6 hours.

My requirement (which I was given, for the record I don't like this!) is that I must alert the user that their session is about to expire and that they must interact with the system if they want to continue.

Does IdentityServer4 have a mechanism for handling this?

If not, is there a preferred approach to implementing this functionality?

Solution

No, there is no built in function for this, its up to the clients to ask for new tokens when they are about to expire.

The easiest solution is to use the IdentityModel.AspNetCore NuGet package and you can read the documentation here

Where to store the refresh token on the Client?
Django using email authentication with djoser for login
rpId validation failed in Passkeys PoC on Android using Jetpack Compose
How to obtain a boolean out of a SQL WHERE condition?
Flutter MSAL_js-based (B2C) Authentication fails
What is the standard/modern way to use CAC/PIV card authentication in Java/Tomcat web applications?
Enforce MFA for specific API called from SPFx via AADTokenProvider (Even with SPO MFA)
How to Properly Set Up Auth Middleware in Nuxt 3 with Node.js Backend?
How to handle client card/pfx authentication certificate popup in Playwright
Swift Discord OAuth2 redirect URi not supported by Client
Symfony security component - Unable to find key \"username\" in the token payload
How to properly use Bearer tokens?
"MultipleObjectsReturned or ObjectDoesNotExist error when accessing 'google' provider in Django-allauth"
expect, interact and then again expect
Error: FB.login() called before calling FB.init()
How to find user_id in Django endpoint
Is this djoser implementation secure?
Connect C# ASP.NET Core web app to Microsoft Graph calendar
How/why is login page redirect required?
How can I sync JWT blacklists in PHP microservices without a bottleneck or SPOF?
login page asp.net sql
Need help understanding keycloak, reverse proxies, and middleware in a cluster
Classic ASP Request.ServerVariables("LOGON_USER") returning wrong username
.Net 8: Cannot authenticate user with "Individual Accounts Auth" template
Issue: All users access the same google drive account
Get username from Azure Identity
How do I persist the the user with supabase using nextjs?
Retrieve .htaccess login name from PHP
ways of authentication with Nginx
How do I access a dev tunnel from a service/authenticate between apps?