Getting access token using refresh token

ganumalasetty · August 2, 2023, 4:30pm

Hi There,

I have a setup on using Single page application and I am using the “@auth0/auth0-react”, also enabled localstorage as cache location and useReferesToken is true. Whenever the user clicks on the submit button I am calling the getAccessTokenSilently method, but I am not getting the new token and the APIs are failing as the existing token already expired. Please help me here.

export const GetCurrentUserAccessToken = () => {
  const { user, getAccessTokenSilently, getIdTokenClaims } = useAuth0();
  useEffect(() => {
    const getUserMetadata = async () => {
      try {
        if (currentUserToken == null) {
          const accessToken = await getAccessTokenSilently({
            useRefreshTokens: true
          });
          // console.log('accessToken ', accessToken, user);
          userInfo = user;
          currentUserToken = accessToken;
          const idTokenClaims = await getIdTokenClaims();
          if (idTokenClaims?.__raw) {
            idtoken = idTokenClaims?.__raw;
          }
        }
      } catch (e) {
        console.log(e.message);
      }
    };

    getUserMetadata();
  }, [getAccessTokenSilently, user?.sub]);

  return {currentUserToken, idtoken};
};

tyf · August 2, 2023, 6:01pm

Hi there @ganumalasetty welcome to the community!

How is your Auth0Provider configured? Do you have a refresh token available from the initial authorize request/response?

Let us know!

ganumalasetty · August 3, 2023, 3:59am

Below is the Auth0Provider Configured.

const providerConfig = {
    domain: apiUrls.AUTH0_DOMAIN,
    clientId: apiUrls.AUTH0_CLIENT_ID,
    onRedirectCallback,
    authorizationParams: {
      redirect_uri: window.location.origin,
      ...(apiUrls.AUTH0_AUDIENCE ? { audience: apiUrls.AUTH0_AUDIENCE } : null),
    },
    cacheLocation: 'localstorage',
    useRefreshTokens: true,
  };
  <Auth0Provider {...providerConfig}>
      {children}
    </Auth0Provider>

I see that the offline_access scope is added to authorize API call and the token API is returning the refreshtoken. All the information is stored in the localstorage as I mentioned cachelocation: localstoarge

ganumalasetty · August 10, 2023, 9:38am

Can anyone please help me with this…!