Ok, I have an angular app with a dotnet core backend. I have followed the universal login trail in your docs for setting up auth0 in my app. What exactly must I do to enable refresh tokens?
I have added
useRefreshTokens: true to my
createAuth0Client call but it doesn’t seem to do much. I’ve also checked the grants in auth0 administration panels, and it allows the use of refresh tokens. I still have the same eternal login-loop on safari.
I’m not entirely sure it’s related, but chrome and other browsers also report that some cookies are stored using SameSite=None without secure.
I’m using auth0-spa-js version 1.8.1