
Restarting server (or letting session timeout) will cause hidden auth failures rather than trigger reauth

    • 1.0-pre-beta-1, pacific

      To reproduce:

          [JENKINS-36941] Restarting server (or letting session timeout) will cause hidden auth failures rather than trigger reauth

          Michael Neale added a comment -

          I think this may be related to JWT stuff, right vivek? Or at least needs to wait until it lands, so that the GUI can respond accordingly.

          Michael Neale added a comment -

          I can see similar things by using stock Jenkins auth, and letting it time out after 30 minutes or so.

          Vivek Pandey added a comment -

          JWT support is still being worked on; nothing related to it is on master yet. Anyway, not sure what's expected in this ticket. Triggering re-auth is beyond the scope of the blueocean API; it's a proper Jenkins thing.

          Once we have JWT support, token expiry can be reported in a consistent fashion and the blueocean UI can trigger an auth redirect based on the error code. More on this when JWT support is in; it will still be something in the UI layer to trigger re-auth etc., not in the API.

          Michael Neale added a comment -

          Are there JWT tickets this is a duplicate of?

          I am not sure if JWT is a pre-req for beta (jamesdumay?), but without it, we need a slightly better strategy to at least keep sessions alive, or detect some common scenarios so that the "leave a browser open" experience isn't broken.

          Vivek Pandey added a comment -

          https://issues.jenkins-ci.org/browse/JENKINS-35783 is where JWT work is happening. I got pulled in to the rollbar thing so it's more or less in a hold state. I expect to get some help from Tom to convert rollbar JS code as js-builder bundler tomorrow to get that wrapped up. If not this week, early next week I should have the JWT PR in.

          James Dumay added a comment -

          This is in scope to fix for the beta - it's a common use case as of Jenkins 2 to have security enabled.

          Vivek Pandey added a comment -

          michaelneale right, the UI should force login if APIs are returning 403 for an anonymous user. It should be closed as a duplicate of https://issues.jenkins-ci.org/browse/JENKINS-35783?

          Michael Neale added a comment -

          May be fixed by JWT... let's see

          Michael Neale added a comment -

          This is fixed with the reload on 40X thing Ivan did. So closing it. Effectively a dupe.
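
The behaviour the thread settles on (force login when the API returns 403 to a now-anonymous user, "reload on 40X"), sketched as an added example that is not part of this issue or of Blue Ocean's code. Every name, the 30-second window and the injected callbacks are assumptions; the guard keeps a genuinely forbidden request from causing a reload loop.

```javascript
// Added illustration; all identifiers here are hypothetical.
const AUTH_FAILURE_STATUSES = new Set([401, 403]);

// Decide what the UI does with an API response status.
// state: { lastReloadAt: number | null }, persisted across page loads
// (for example in sessionStorage). Returns 'pass', 'reload' or 'show-error'.
function decideAction(status, state, now, minIntervalMs = 30000) {
  if (!AUTH_FAILURE_STATUSES.has(status)) return 'pass';
  // A reload moments ago did not clear the 40X, so the user is probably
  // logged in but not permitted. Reloading again would loop, so report it.
  if (state.lastReloadAt !== null && now - state.lastReloadAt < minIntervalMs) {
    return 'show-error';
  }
  // Assumption: a full page reload lets the server-side login flow take over.
  return 'reload';
}

// Wrap a fetch-like function so a 40X is never silently swallowed.
function createAuthAwareFetch(fetchImpl, hooks) {
  const { loadState, saveState, reload, showError, now = Date.now } = hooks;
  return async function authAwareFetch(url, options) {
    const response = await fetchImpl(url, options);
    const action = decideAction(response.status, loadState(), now());
    if (action === 'reload') {
      saveState({ lastReloadAt: now() }); // record before leaving the page
      reload();
    } else if (action === 'show-error') {
      showError(response.status);
    }
    return response; // callers still see the original response
  };
}
```

In a browser, `reload` would typically be `() => window.location.reload()` and the state hooks would read and write `sessionStorage`.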

            vivek Vivek Pandey
            michaelneale Michael Neale