Failed Exchange: Unauthorized (feacft)

Hello!

I’m trying to get the refresh token using react-native-auth0. My application has a Native type.

According to the documentation, the authorization code looks like this:

    auth0.webAuth
      .authorize({scope: 'openid email profile offline_access'})
      .then((credentials) => {
        // ...
      })
      .catch((error) => console.log(error));

It opens the login form. I can log in (email & password) but I can’t get the credentials. It always returns [access_denied: Unauthorized]. I see two entries in the application logs, Success Login and Failed Exchange.

Any ideas what can be wrong? :thinking: The same error occurs even if I remove offline_access from the scope.

Thanks.

The solution is to enable OIDC Conformant and set the refresh token behavior to Rotating.

2 Likes
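An added example, not code from this thread or from Auth0: a small triage helper that finds clients showing the Success Login then Failed Exchange pattern in tenant log events and checks the two settings the reply above names. It assumes the Management API field names `oidc_conformant` and `refresh_token.rotation_type` and the log type codes `s` and `feacft`; the client IDs and events are constructed sample data.

```javascript
// Added example. Field names follow Auth0 Management API client and log
// objects (assumption); every sample value below is constructed.

// Report which of the two settings named in the thread are not in the fixed state.
function checkClientSettings(client) {
  const findings = [];
  if (client.oidc_conformant !== true) {
    findings.push('oidc_conformant is not enabled');
  }
  const rotation = client.refresh_token && client.refresh_token.rotation_type;
  if (rotation !== 'rotating') {
    findings.push(`refresh_token.rotation_type is ${rotation || 'unset'}, expected rotating`);
  }
  return findings;
}

// Return client_ids that logged a failed code exchange (feacft) after a
// successful login (s), the pattern described in the question.
function clientsWithFailedExchange(events) {
  const loggedIn = new Set();
  const failing = new Set();
  const ordered = [...events].sort((a, b) => Date.parse(a.date) - Date.parse(b.date));
  for (const e of ordered) {
    if (e.type === 's') loggedIn.add(e.client_id);
    if (e.type === 'feacft' && loggedIn.has(e.client_id)) failing.add(e.client_id);
  }
  return [...failing];
}

// Combine both checks: one entry per failing client with its settings findings.
function triage(events, clients) {
  return clientsWithFailedExchange(events).map((id) => ({
    client_id: id,
    findings: checkClientSettings(clients[id] || {}),
  }));
}

// Constructed sample data (hypothetical client IDs).
const sampleEvents = [
  { date: '2021-01-01T10:00:00.000Z', type: 's', client_id: 'CLIENT_A' },
  { date: '2021-01-01T10:00:01.000Z', type: 'feacft', client_id: 'CLIENT_A', description: 'Unauthorized' },
  { date: '2021-01-01T10:05:00.000Z', type: 's', client_id: 'CLIENT_B' },
];
const sampleClients = {
  CLIENT_A: { app_type: 'native', oidc_conformant: false, refresh_token: { rotation_type: 'non-rotating' } },
  CLIENT_B: { app_type: 'native', oidc_conformant: true, refresh_token: { rotation_type: 'rotating' } },
};

console.log(JSON.stringify(triage(sampleEvents, sampleClients), null, 2));
```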

Perfect! Glad you have figured it out and thanks for sharing with the rest of the community!
