I’m reading this article:
Within the “Create the Client” section there are two ways to create the client…
createAuth0Clientfactory method returns the
auth0object and within the instantiation calls
You can call the Auth0Client constructor to get the
In the “Call an API” section…
getTokenSilently() method is called on the returned
auth0 object. It’s hard to tell from the documentation if that call is needed when the
createAuth0Client was instantiated as
getTokenSilently() was already called.
Does the call to
getTokenSilently() always reach out to the Authorization Server to get a new token? Or does it reach out the first time, then cache locally until a refresh token is needed, in which case it handles all the under-the-hood work?
In other words should I always call
getTokenSilently() before sending a request to the API? Or should I only call it once and save the token in memory (and therefore always have to check the expiration before making a request to the API) within the app?