ZeroTier SSO keeps asking for a sign-in every 5 minutes

Hi everyone, I am experiencing an issue with my ZeroTier network with DUO SSO authentication. Even after successfully logging in, I keep getting prompted to log in to SSO every 5 minutes. When I click on “Open SSO Login URL”, the DUO login page appears. I then enter my email and password and receive a 2FA notification on my phone which I approve. After that, I get a page from ZeroTier indicating that the authentication was successful, and I can access other PCs in the network. However, after about 5 minutes, I receive a notification that I need to log in to SSO again to access the network. Thank you for your help.

It sounds like DUO is configured to issue authorization tokens that expire in 5 minutes. Per the docs, DUO does not support refresh tokens, so whenever the authorization token expires, users are required to log in again.

It sounds the same to me too but I configured ZeroTier in DUO as “Duo Single Sign-On for Generic OpenID Connect (OIDC) Relying Parties” and there I have expiration time and refresh tokens time options. Still, even if I put 60-minute expiration time, it will disconnect me after about 5 minutes.

According to me ZeroTier confirms successful authentication, allowing access to other PCs in the network. However, after approximately 5 minutes, I receive another prompt to log in to SSO to continue accessing the network.