Auth0 Session Timeout Not Working for Next.js SPA

Overview

This article explains why the Auth0 session timeout does not work for Next.js Single Page Applications (SPA).

In the Tenant Settings > Advanced > Session Management, the following was configured:

  1. Enabled "Persistent Session";
  2. "inactivity timeout": 1 minute;
  3. "required login after": 1 minute.

However, after logging into the application and waiting for over 1 minute, the user is still logged in when the page is refreshed.

Applies To

  • Session Timeout
  • Next.js SPA

Cause

The Next.js SDK maintains its own session, separate from the Auth0 tenant session. More details can be found in this article: Sync session with Auth0 when using Next.js

Solution

Set AUTH0_SESSION_ROLLING_DURATION in the Next.js SDK to the same timeout value as in the Auth0 Tenant Settings.
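
The mismatch described above, modelled as an added example (not Auth0's or the SDK's own code): an app-side session stays valid until the earlier of an idle deadline and an absolute deadline. Durations in seconds, the fallback values 86400 and 604800, the use of AUTH0_SESSION_ABSOLUTE_DURATION for "required login after", and all function names are assumptions of this example.

```javascript
// Added example: a model of an app-side session with rolling (idle) and
// absolute lifetimes. It is not the SDK's implementation.

// Convert the tenant settings (minutes) into SDK env values.
// Assumption: the SDK durations are expressed in seconds.
function tenantToSdkEnv({ inactivityTimeoutMin, requireLoginAfterMin }) {
  return {
    AUTH0_SESSION_ROLLING_DURATION: String(inactivityTimeoutMin * 60),
    // Assumption: "required login after" maps to the absolute duration.
    AUTH0_SESSION_ABSOLUTE_DURATION: String(requireLoginAfterMin * 60),
  };
}

// Read the durations, falling back to assumed defaults of 1 day rolling
// and 7 days absolute when the variables are not set.
function configFromEnv(env) {
  return {
    rollingDuration: Number(env.AUTH0_SESSION_ROLLING_DURATION ?? 86400),
    absoluteDuration: Number(env.AUTH0_SESSION_ABSOLUTE_DURATION ?? 604800),
  };
}

// The session ends at whichever deadline comes first.
function sessionExpiresAt(session, cfg) {
  return Math.min(
    session.lastActivity + cfg.rollingDuration,
    session.createdAt + cfg.absoluteDuration
  );
}

function isLoggedIn(session, cfg, now) {
  return now < sessionExpiresAt(session, cfg);
}

// Constructed scenario: login at t=0 s, page refresh at t=90 s.
const session = { createdAt: 0, lastActivity: 0 };
const refreshAt = 90;

const defaults = configFromEnv({}); // nothing set in the app
const aligned = configFromEnv(
  tenantToSdkEnv({ inactivityTimeoutMin: 1, requireLoginAfterMin: 1 })
);

console.log("unset, still logged in:", isLoggedIn(session, defaults, refreshAt));
console.log("aligned, still logged in:", isLoggedIn(session, aligned, refreshAt));
```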
