Hi there,
I have a case where I have a table of the organizations I’m assigned.
I want to be able to change organizations when clicking on them.
Do we have a documentation for that or an example,
const handleSilentRelogin = async (org_id: string) => {
try {
// Attempt to get a new access token silently
const accessToken = await getAccessTokenSilently({
organization: org_id,
});
// If successful, you can use the new access token as needed
console.log('Silent relogin successful. Access Token:', accessToken);
} catch (error) {
// If the silent relogin fails, redirect the user to the login page
console.error('Silent relogin failed. Redirecting to login page.');
}
};
tyf
December 15, 2023, 10:47pm
3
Hey there @llakud25 welcome to the community!
As far as I can tell switching organizations silently is not supported:
opened 04:53PM - 30 Nov 22 UTC
closed 10:00AM - 06 Jun 23 UTC
needs investigation
bug report
<!--
**Please do not report security vulnerabilities here**. The [Responsible D… isclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
**Thank you in advance for helping us to improve this library!** Please read through the template below and answer all relevant questions. Your additional work here is greatly appreciated and will help us respond as quickly as possible. For general support or usage questions, use the [Auth0 Community](https://community.auth0.com/) or [Auth0 Support](https://support.auth0.com/). Finally, to avoid duplicates, please search existing Issues before submitting one here.
By submitting an Issue to this repository, you agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
-->
### Describe the problem
There is currently no way to use `getAccessTokenSilently` to retrieve an access token for a different organization when `useRefreshTokens: true` is configured at the SDK level.
We have an organization switcher within our UI where we're allowing a user to switch between organizations. We want to make this as seamless as possible (no popups, no logging in again). We're using refresh tokens by enabling it in our auth0 configuration (`useRefreshTokens: true`). When a user selects a new organization, we attempt to get an access token for the new organization by using:
```js
const token = await getAccessTokenSilently({
organization: newOrgId,
ignoreCache: true,
})
```
However, the token we get back is issued for the current organization and not the newly selected organization (represented by `newOrgId` in the snippet above).
### What was the expected behavior?
An access token issued for the new organization.
If I disable the usage of refresh tokens (`useRefreshTokens: false`), we successfully get an access token for the new organization. The branch in logic can be found [here](https://github.com/auth0/auth0-spa-js/blob/bb5a26aa3e60436e022aac98e9dcb9f423e66cb0/src/Auth0Client.ts#L707-L709). In our case, refresh tokens are necessary.
I'm not privy to all the details, but It seems that an appropriate approach would be that if an organization is passed to `getRefreshTokenSilently` that is different than the current organization, the cache would be ignored and using refresh tokens would be ignored.
Here's more discussion on the matter: https://community.auth0.com/t/user-switch-between-organization/62609
### Reproduction
<!--
> Detail the steps taken to reproduce this error, and whether this issue can be reproduced consistently or if it is intermittent.
> **Note**: If clear, reproducable steps or the smallest sample app demonstrating misbehavior cannot be provided, we may not be able to follow up on this bug report.
**Can the behavior be reproduced using the [SPA SDK Playground](https://github.com/auth0/auth0-spa-js/blob/master/DEVELOPMENT.md#the-sdk-playground)?**
<!--
If so, provide steps:
> Where applicable, please include:
>
> - The smallest possible sample app that reproduces the undesirable behavior
> - Log files (redact/remove sensitive information)
> - Application settings (redact/remove sensitive information)
> - Screenshots
-->
Configure Auth0 with `useRefreshTokens: true`.
Attempt to get an access token silently for a different organization:
```js
const token = await getAccessTokenSilently({
organization: newOrgId,
ignoreCache: true,
})
```
### Environment
<!--
> Please provide the following:
-->
- **Version of `auth0-spa-js` used:** 1.22.5 (technically we're using @auth0/auth0-react@1.12.0 which uses @auth0/auth0-spa-js@1.22.5)
- **Which browsers have you tested in?** Chrome
- **Which framework are you using, if applicable (Angular, React, etc):** React
- **Other modules/plugins/libraries that might be involved:** None
system
Closed
December 29, 2023, 10:47pm
4
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.