I’m using the Auth0 Cordova project to implement PKCE auth. The quickstarts for this are very helpful!
One thing I don’t see is a suggestion for how to implement refresh tokens (or silent auth?) with this Auth0 Cordova module. Any suggestions?
Refresh tokens are available for more then one grant type and are not specific to just PKCE so they stand on their own in terms of documentation and it mostly consists of toggling configurations and adding specific values/parameters to the requests you’re already performing.
If you haven’t done so already, I would recommend you to go through the reference documentation on refresh tokens which should enable you to apply their use to the grant type (PKCE) you’re already performing.
In general it was good to find that PKCE handles session extensions via refresh tokens (as opposed to silent auth or other approaches). The docs you pointed to helped confirm the approach, and helped implement refreshing tokens & revoking them.
Thanks @jmangelo! The documentation on the new OIDC items is evolving nicely.