I am trying to use the silent authentication feature to renew user tokens on my web app. My renewToken function is as follows renewToken() { console.log(“Renewing token”); this.auth0.renewAuth( { audience: AUTH_CONFIG.apiUrl, redirectUri: AUTH_CONFIG.silentAuthRedirect, usePostMessage: true, postMessageDataType: ‘auth0:silent-authentication’, }, (err, result) => { console.log(err, result); if (err) { alert( Could not get a new token using silent authentication (${err.error}).
); } else { console.log(“Renewed session”); this.setSession(result); alert(Successfully renewed auth!
); } } ); } I have a silent.html file set up and AUTH_CONFIG.silentAuthRedirect points to that file. However, whenever the renewToken function runs after the token expires, I get a 500 status response from the authorize endpoint. I have no idea why this is happening because the configuration has been done exactly as documented by Auth0 for a React SPA. Edit: I tried the checkSession approach as documented, but I’m not seeing any change except for the fact that my URL (https://jrthing.eu.auth0.com/authorize?) returns a 400 errors instead of a 500 error now.
The timeout error you mentioned may be caused by some issue with the callback handler silent.html
, however, you mentioned that the /authorize
endpoint call itself returns a 500 error so that is even a precursor to the callback handler.
The currently recommended approach would be to use checkSession
method which superseded renewAuth
and removed the need for the silent.html
file, however, based on your description if the issue is a 500 on the authorization endpoint then this may not resolve the problem.
My recommendation would be for you to still make the switch to checkSession
which implies less stuff on the client application and if the issue persists update the question with information about the HTTP request and response to the /authorize
endpoint that is failing.
So, I tried the checkSession approach but I’m not seeing any change except for the fact that my URL (https://jrthing.eu.auth0.com/authorize?) returns a 400 errors instead of a 500 error now.
Any idea on how to proceed next?
Also, I found this issue on GitHub. Seems to be along similar lines
https://github.com/auth0/auth0.js/issues/564