Call to authorize fails on Safari

Ok, I have an angular app with a dotnet core backend. I have followed the universal login trail in your docs for setting up auth0 in my app. What exactly must I do to enable refresh tokens?

I have added useRefreshTokens: true to my createAuth0Client call but it doesn’t seem to do much. I’ve also checked the grants in auth0 administration panels, and it allows the use of refresh tokens. I still have the same eternal login-loop on safari.

I’m not entirely sure it’s related, but chrome and other browsers also report that some cookies are stored using SameSite=None without secure.

I’m using auth0-spa-js version 1.8.1

1 Like