4 replies

OKTA OIDC - Session timeout issue

Coder version: 2.24.2
CODER_OIDC_SCOPES="openid,profile,email,offline_access"
I see this in logs when I first login & the session is timing out in an hour & logging off the users. I don't see any refresh token requests in logs, so not sure why coder is not refreshing the tokens.

Any pointers would be helpful.

2025-09-30 15:42:34.100 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=id_token  claim_fields="[amr at_hash aud auth_time email exp groups iat idp iss jti name preferred_username sub ver]"  blank=[]
2025-09-30 15:42:34.368 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=userinfo  claim_fields="[email email_verified family_name given_name groups locale middle_name name preferred_username sub updated_at zoneinfo]"  blank=[middle_name]

2025-09-30 15:42:34.100 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=id_token  claim_fields="[amr at_hash aud auth_time email exp groups iat idp iss jti name preferred_username sub ver]"  blank=[]
2025-09-30 15:42:34.368 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=userinfo  claim_fields="[email email_verified family_name given_name groups locale middle_name name preferred_username sub updated_at zoneinfo]"  blank=[middle_name]

2025-09-30 15:42:34.100 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=id_token  claim_fields="[amr at_hash aud auth_time email exp groups iat idp iss jti name preferred_username sub ver]"  blank=[]
2025-09-30 15:42:34.368 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=userinfo  claim_fields="[email email_verified family_name given_name groups locale middle_name name preferred_username sub updated_at zoneinfo]"  blank=[middle_name]

2025-09-30 15:42:34.100 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=id_token  claim_fields="[amr at_hash aud auth_time email exp groups iat idp iss jti name preferred_username sub ver]"  blank=[]
2025-09-30 15:42:34.368 [debu]  coderd.userauth: got oidc claims  request_id=f231a2db-ae9f-4828-a0b1-d4cd69c42710  source=userinfo  claim_fields="[email email_verified family_name given_name groups locale middle_name name preferred_username sub updated_at zoneinfo]"  blank=[middle_name]

OKTA OIDC - Session timeout issue

Similar Threads

Similar Threads

Similar Threads