Auth0 Home Blog Docs

Cannot refresh token with node.js SDK - 401 access denied

Hey,

I use auth0@2.17.1 on node v10.15.3. I am able to acquire access and refresh tokens using the user credentials, as follows…

const client = new auth0.AuthenticationClient({
    domain: process.env.AUTH0_DOMAIN,
    clientId: process.env.AUTH0_CLIENT_ID,
    clientSecret: process.env.AUTH0_CLIENT_SECRET
});

const userData = await client.oauth.passwordGrant({
      username: 'xxx',
      password: 'xxx',
      scope: 'offline_access',
      realm: 'xxx'
});

So far so good. Then I need to refresh the acquired access token. So I do the following…

await auth0Client.refreshToken({
      refresh_token: userData.refresh_token,
      grant_type: 'refresh_token'
});

This last call returns 401 “access denied” with the following message:

{"error":"access_denied","error_description":"Unauthorized"}

What am I doing wrong? Your help is much appreciated.

Hey there @d.michalakos and welcome to the Auth0 Community!

I apologize for the delay in response but I would be happy to help. What I would like to do is to get a HAR file capture of the access denied workflow paired with the tenant name and direct message it over to me. From there we can dissect what is going on. Please be sure to select “Preserve log” to catch redirects and scrub the file of user passwords before passing, thanks!