Checking the validity of refresh token in CredentialsManager


I have been using Auth0 for authenticating to services for our product, which is an iOS application. Looking through the Auth0 SDK in swift, I can see in the CredentialsManager class that the function hasValid() checks the access token’s expiration and the canRenew() function only checks if the refresh token is in the CredentialsStorage object (SimpleKeyChain). Is there a way to check the validity of the refresh token, and not just that it exists?

I have been getting “Unknown or invalid refresh token” errors recently while debugging/developing our authentication solution in our platform. So far it seems like inappropriate developer implementation on the maintenance of the access/refresh tokens when a new access token is needed, which has been rectified. Now, I get the “Unknown or invalid refresh token” error when I force delete the iOS app and re-install it and log in to my product. Even though I force delete the iOS app, the check for canRenew() returns true when I re-install the app and log back in. Do I need to just use the credentialManager.clear() method to wipe out the existing credentials if the iOS app gets deleted?
Thank you.

Hey @ameer.bajwa welcome to the community!

There is not a method for checking the whether a refresh token has expired or not other than attempting to use it to get new credentials.

credentialManager.clear() should do the trick - Are you seeing different behavior?

Keep us posted!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.