Failed Exchange: Unauthorized (feacft)

eshlox · June 11, 2020, 6:35pm

Hello!

I’m trying to get the refresh token using the react-native-auth0. My application has a Native type.

According to the documentation, the authorization code looks like this:

    auth0.webAuth
      .authorize({scope: 'openid email profile offline_access'})
      .then((credentials) => {
         // ...
      })
      .catch((error) => console.log(error));

It opens the login form. I can log in (email & password) but I can’t get the credentials. It always returns [access_denied: Unauthorized]. I see two entries in the application logs, Success Login and Failed Exchange.

Any ideas what can be wrong? The same error occurs even if I remove offline_access from the scope.

Thanks.

eshlox · June 13, 2020, 3:16pm

The solution is to enable OIDC Conformant and set the refresh token behavior to Rotating.

konrad.sopala · June 15, 2020, 7:32am

Perfect! Glad you have figured it out and thanks for sharing with the rest of community!

system · June 30, 2020, 7:32am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.