My organization is currently using the react-auth0-spa library to handle authentication on the front end of our Spring Boot app, and using custom scoped access tokens to make requests to a server application with access to the management api. Since we’re using a custom signup form, our users are required to login to the application immediately following signup. We discovered that we could use the management API’s Resource Owner Token Grant endpoint with the user’s credentials to get an access token for them immediately following signup, and return that back to our SPA front end. However, all authenticated calls in the react app look like this:
import { isAuthenticated, getTokenSilently } from ‘auth0-spa’
if (isAuthenticated) {
getTokenSilently().then( token => {
// do stuff with token
});
}
I understand that getTokenSilently searches for an access token in cache before requesting login from the user. Is it possible to manipulate this cache to provide our own access token, which was gained using the management api after signup? This would allow us to automatically login our users in the react app immediately after they sign up.