I have been using Auth0 for authenticating to services for our product, which is an iOS application. Looking through the Auth0 SDK in swift, I can see in the CredentialsManager class that the function hasValid() checks the access token’s expiration and the canRenew() function only checks if the refresh token is in the CredentialsStorage object (SimpleKeyChain). Is there a way to check the validity of the refresh token, and not just that it exists?
I have been getting “Unknown or invalid refresh token” errors recently while debugging/developing our authentication solution in our platform. So far it seems like inappropriate developer implementation on the maintenance of the access/refresh tokens when a new access token is needed, which has been rectified. Now, I get the “Unknown or invalid refresh token” error when I force delete the iOS app and re-install it and log in to my product. Even though I force delete the iOS app, the check for canRenew() returns true when I re-install the app and log back in. Do I need to just use the credentialManager.clear() method to wipe out the existing credentials if the iOS app gets deleted?