new Auth0Client({
domain: config.auth0.domain,
clientId: config.auth0.clientId,
cacheLocation: 'localstorage', // tried with and without this
useRefreshTokens: true,
authorizationParams: {
redirect_uri: `${window.location.protocol}//${window.location.host}`,
scope: config.auth0.scope, // tried with and without this
},
})
I have tried with and without “scope” on the client.authorizationParams, as well as with and without “scope” on the getTokenSilently() and loginWithRedirect() calls.
It always results in an error after redirecting back from the Universal login page
I figured it out, I was handling login incorrectly.
I had been calling loginWithRedirect() and to login and getTokenSilently() on page load to get the token. This was actually working all by itself, until I added refresh token. Perhaps it shouldn’t have been?
I needed to be calling handleRedirectCallback() to handle login, before calling getTokenSilently(). After adding this, everything is working.
I sure wish handleRedirectCallback() did the work of stripping the auth parameters out of the querystring so that hitting refresh didnt cause a failure.