Error thrown by accessToken.refresh() when the IdP-asserted session ceiling (session_expiry claim) has passed. Catch this in API routes to redirect the user to re-authenticate, rather than receiving a confusing invalid_grant from the token endpoint.
accessToken.refresh()
session_expiry
invalid_grant
const { SessionExpiredError } = require('express-openid-connect');app.get('/api/data', async (req, res, next) => { try { if (req.oidc.accessToken.isExpired()) { await req.oidc.accessToken.refresh(); } } catch (err) { if (err instanceof SessionExpiredError) { return res.oidc.login(); } return next(err); }}); Copy
const { SessionExpiredError } = require('express-openid-connect');app.get('/api/data', async (req, res, next) => { try { if (req.oidc.accessToken.isExpired()) { await req.oidc.accessToken.refresh(); } } catch (err) { if (err instanceof SessionExpiredError) { return res.oidc.login(); } return next(err); }});
Optional
Readonly
Error thrown by
accessToken.refresh()when the IdP-asserted session ceiling (session_expiryclaim) has passed. Catch this in API routes to redirect the user to re-authenticate, rather than receiving a confusinginvalid_grantfrom the token endpoint.