How to handle the Access Token rotation?

t.fukao · December 3, 2024, 4:37am

I’m using Auth0 Vue SDK.
The lifetime of Access Token can be handle in ManagemrntAPI→Access Token Settings.
After the token expires, all APIs return 401.
This is correct and expected behavior.

After an API returns 401, https://{MY_DOMAIN}/oauth/token is called and new Access Token can be used.
This is a helpful function, but how can I handle it?

For example, If I want to make the Accress Token rotation disabled, how can I do that?

rueben.tiow · December 17, 2024, 11:34pm

Hi @t.fukao,

If you need to get a new access token to access the Management API, you can use the Client Credentials grant flow.

This way, whenever the access token expires, you can obtain a new one by calling the /oauth/token endpoint.

Let me know if you have any questions.

Thanks,
Rueben

system · December 31, 2024, 11:35pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to Use Refresh Tokens in a SPA? Knowledge Articles auth0 , spa , refresh-tokens	0	717	June 3, 2024
How to refresh access token for spa? Help auth0 , login , refresh-tokens	4	3438	October 26, 2019
Trying to figure out the Authentication flow Help jwt , auth0 , login , help	2	3925	July 25, 2019
Rotating refresh token locking users out after expiry Help	5	6515	November 25, 2020
Auth0/auth0-spa-js Access token refresh? Help access-token	7	9643	October 24, 2020

How to handle the Access Token rotation?

Related topics