You’re right, I see the leeway in the docs (auth0-react is built on top of auth0-spa-js): https://auth0.github.io/auth0-spa-js/interfaces/auth0clientoptions.html#leeway
I believe that setting refers to evaluating JWT expirations in the application, not the Refresh Token reuse leeway. The Refresh Token leeway seems to need to be configured in the application settings via the Management API so that your Auth0 tenant can determine if a Refresh Token should be accepted or not.