getTokenSilently({ cacheMode: 'off' }) Timeout

We have a user experiencing intermittent timeouts on getTokenSilently({ cacheMode: 'off' }) on Google Chrome.

This happens on both regular login and signup. Other Chrome users on the same app are unaffected.

Setup:

  • cacheLocation: 'localstorage'
  • useRefreshTokens: true
  • scope: openid profile email offline_access

Questions:

1. What would cause getTokenSilently to time out despite useRefreshTokens: true and offline_access scope?

2. What is the recommended way to get fresh claims after email verification without relying on getTokenSilently?

Hi @NoTanIntended,

Welcome to the Auth0 Community!

The core of the issue likely lies on the user’s end and is related to a network timeout when the application tries to get a new token.

Your application is correctly configured with useRefreshTokens: true. This means that to get a fresh token, the Auth0 SDK makes a direct, secure call to Auth0’s /oauth/token endpoint. This is a robust process that shouldn’t be affected by things like third-party cookie blocking.

A “timeout” in this scenario means the user’s browser sent the request but never received a response from our server. This strongly indicates something on the user’s machine or network is actively interfering with or blocking this specific, secure connection.

Common causes for this are:

  • Browser Extensions: Ad-blockers or privacy-guard extensions are the most common culprits. They can mistakenly flag the secure call to our servers as a “tracker” and block it.
  • Corporate Firewall or VPN: Strict corporate networks can inspect and block web traffic that doesn’t match their policies.
  • Security Software: Antivirus or “web protection” software can interfere with secure connections.

Please ask your user to perform the following checks since this should quickly help them identify the source of the block.

  • Try in incognito mode, a different browser, or another device
  • Disable browser extensions
  • Try a different network (since an unstable connection might also cause this issue)
  • Check for security apps that might include “web protection” features that can interfere with secure connections

Using getTokenSilently is the standard and most secure way to get fresh information for a user. The only other recommended approaches involve forcing the user to re-authenticate (i.e., log in again). This is because getting “fresh claims” requires creating a new ID Token, and without the silent mechanism, that can only be done through an interactive login flow, which is a much less desirable user experience.

The best solution is to resolve the user’s local environment issue so the silent, seamless flow works as intended.

I hope this helps and if you have further questions please let me know.
Best regards,
Remus
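
The refresh flow discussed in this thread, as an added example that is not part of the original posts or Auth0's own code: it forces a fresh token with cacheMode 'off', retries once on a timeout, and falls back to interactive login only when the error shows a silent retry cannot succeed. The names refreshClaims, INTERACTIVE_ERRORS and backoffMs are hypothetical, the error codes checked are assumed to match the `error` property the SDK sets on its exceptions, and `auth0` is assumed to be the client returned by createAuth0Client.

```javascript
// Added example. `auth0` is an Auth0Client (from @auth0/auth0-spa-js) passed in by the caller.
// Assumption: SDK errors carry an `error` code such as 'timeout' or 'login_required'.

// Codes after which another silent attempt cannot succeed; the user has to log in again.
const INTERACTIVE_ERRORS = new Set(['login_required', 'missing_refresh_token', 'invalid_grant']);

const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

async function refreshClaims(auth0, { attempts = 2, timeoutInSeconds = 15, backoffMs = 1000 } = {}) {
  let lastError;
  for (let i = 0; i < attempts; i++) {
    try {
      // cacheMode 'off' bypasses the token cache, so the refresh token is
      // exchanged at /oauth/token and a new ID token is issued.
      await auth0.getTokenSilently({ cacheMode: 'off', timeoutInSeconds });
      const claims = await auth0.getIdTokenClaims();
      return { status: 'refreshed', claims, attempts: i + 1 };
    } catch (err) {
      lastError = err;
      if (INTERACTIVE_ERRORS.has(err.error)) {
        // Refresh token missing, expired or revoked: only an interactive login helps.
        await auth0.loginWithRedirect();
        return { status: 'redirected', reason: err.error, attempts: i + 1 };
      }
      if (err.error !== 'timeout') throw err; // unexpected failure: surface it to the caller
      if (i + 1 < attempts) await sleep(backoffMs * (i + 1)); // linear backoff before retrying
    }
  }
  // Still timing out: the request is being dropped between browser and /oauth/token.
  // Report it so the app can log it and show the user the environment checks above.
  return { status: 'timeout', reason: lastError.error, attempts };
}
```

A 'timeout' result does not trigger a redirect on its own; the caller decides whether to show the troubleshooting steps or offer the user a normal login.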
