How to check if refresh token is expired?

vinamelody · December 20, 2020, 3:36pm

Hi, i’m using "@auth0/auth0-spa-js": "^1.13.3", and recently, to handle failing getTokenSilently in Safari, we enable the Refresh Token Rotation.

Here’s my code to perform getTokenSilently. But how do I check if refresh token is invalid? From auth0, I got 403 invalid_grant and I want to check the refresh token expiration before getting the error. Note that i want to check refresh token expiration, not the access_token.

Thanks in advanced!

try {
            const newToken = await auth0Client.getTokenSilently()
            if (newToken) {
              console.log('newToken', newToken)
              return { token: newToken }
            }
          } catch (error) {
            console.log('try getAuth error', error)
          }

stephanie.chamblee · December 22, 2020, 4:26pm

Hello @vinamelody,

Welcome to the community!

With SPAs, ID and Access Tokens are obtained from the authorization server and typically cached in memory. Token renewal (due to refreshing the browser, memory cache eviction budgets, or expiration) is handled by the SDK.

This means that the frontend code can rely on the SDK to manage Refresh Tokens’ exchange for new Access Tokens.

If you look in the dashboard application settings, you can see the Refresh Token expiration time. By default, it is 720 hours (2592000 seconds).

Since the error message says inavlid_grant, it may be possible that the application is not configured to accept Refresh Token grants. You can check this by opening the “Advanced Settings” menu within your application’s settings in the dashboard.

system · January 6, 2021, 4:26pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.