Thanks for the reply. No, I didn’t set the audience when calling getTokenSilently. I just called getTokenSilently(). Ok, I got it. It’s hard to find the documentation that the audience should be set correctly to call getTokenSilently
Yeah, it works now. Thanks @npatel.
My steps are:
set the audience when calling getTokenSilently({audience: <from Dashboard - API - Detail>}), and also set Allow Skipping User Consent to enabled
and then modify etc/host (User Consent and Third-Party Applications) and run the application in HTTPS