Do you have a GitHub issue / link for that?
Thanks, is there already an estimate for 8.2 release?
Hi,
thank you for your reply, although it doesn't really answer the question.
Even though we might get a proper logout working, and the user can at any time refresh the page - why should (s)he?!
We don't see it as good user experience to just trigger a logout every 30mins. That's not how websites should behave nowadays.
So is there any reason why the template doesn't do a refresh token flow and why we shouldn't? Or is it just not implemented yet?
Other Framework also refresh it in the background. Like Duende BFF uses AccessTokenManagement. Here is the RefreshUserAccessToken in Duende, for example https://github.com/DuendeSoftware/Duende.AccessTokenManagement/blob/2a6d0a60a564a590ee4f0c87c08e8406eb753e88/src/Duende.AccessTokenManagement.OpenIdConnect/UserAccessTokenManagementService.cs#L145
Is there a reason why the Blazor Server template does not use the standard OpenId refresh token flow to obtain new Access Tokens?