We’re having a recurring issue with the login flow for our SPA. Using auth0-angular library (ver 1.11), we are attempting to retrieve an access token on page load. If it fails with error ‘login failed’, it will redirect to login. However, directly after logging in, we are still seeing a ‘login failed’ error whenever we use the ‘getAccessTokenSilently’ method. The page often loads fine after a page refresh. We have tried to add a delayed refresh in the code but doesn’t always resolve the issue, and can cause an infinite redirect loop, especially on incognito/private browsers.
Most of these issues appear to be mitigated when we switch to getAccessTokenWithPopup, but the way many browsers block popups automatically it’s not an ideal solution.
Is there a reason that the getAccessTokenSilently would fail in this manner?
Code sample for reference:
const params = { audience: environment.audience };
return () => auth0.getAccessTokenSilently(params).toPromise().then(jwt => {
if (jwt) {
// process access token
}
}).catch(async (err) => {
// Send to login
if (err.message === 'Login required') {
const organization = cookie.get('wt_organization');
const opts: any = {
audience: environment.audience,
};
if (organization) {
opts.organization = organization;
}
await auth0.loginWithRedirect(opts).toPromise();
const token = await auth0.getAccessTokenSilently(params).toPromise(); // fails again here after login
if (token) {
// process access token
}
}
})