Refresh jwt token for self-hosted app's ajax endpoint?

user96810 · December 12, 2022, 12:29pm

Here’s my setup:

web pages at /dashboard/…
some POST ajax endpoints at /dashboard/ajax/…

Everything with prefix /dashboard/ is protected by Zero Trust’s applications (e.g., a specific email has to login).

Problem:

If we stay on a /dashboard/ web page for a long time (e.g., editing a long blog post), then POST ajax endpoints will be redirected to a url like ...cloudflareaccess.com/cdn-cgi/access/login/..., thus ajax requests would fail due to CORS errors. To my understanding, such redirection is to refresh jwt token (i.e., sending GET request to ...cloudflareaccess.com/cdn-cgi/access/login/...)

Is there a way to proactively refresh jwt token?

dsundquist · December 17, 2022, 4:43am

One thought is you can change the session duration, on the overview page of the Access Application (the default is 24 hours).

Second thought, you’ll need to run something on the side:

overwrite the current cookie
have the user attempt to get something bogus
follow the redirects, if there is a valid global session cookie you’ll get a new cookie, or be forced to login.