Hey @mathiasconradt, thanks for the reply. I have gone through this post in the past, however still I was unable to understand how would it be exactly implemented.
We are not using auth0-spa-js, we are using auth0 java client. Actually, I was exploring on how could I achieve this getTokenSilently in the backend. My requirement is user is logged in and I have an access token for a specific audience, I am achieving this using implicit flow by redirecting user to login with google.
Now I want to fetch another access token for the same user but for different audience without prompting him to login. So a build an authorize url like this and redirecting him to the url -
final String authorizeUrl = authenticationController.buildAuthorizeUrl(
req,
res,
redirectUri
).withAudience("<different_audience>").withParameter("prompt", "none").build();
here the redirectUri is my callback endpoint where I want to receive the access token. However, upon executing this, I get redirected to - <redirectUri>?error=login_required&error_description=Login%20required&state=lnYCzQUX9HPhYJ9zYDMOzEUXXExw3W2_ytMBC0-cylQ and getting HTTP ERROR 401. This error is described here - Configure Silent Authentication which states that login is required but I have already logged in. I thought auth0 server should already be knowing that somehow but seems like I am missing something, do I need to pass some parameters or cookie in the authorize url and where to get them ?
Thanks