I have a NextJS app router as my frontend, and an express API backend. Everything is going smoothly, I can get an access token in my nextJS client and send that to my express API for route protection.
However I’m noticing that if I stay logged in long enough my nextJS client returns The access token expired and a refresh token is not available.
. What should I look at to manage refreshing my accessToken? Is there a simple way to automate this? I’ve looked at this error in other threads/topics but aren’t able to sort out what I’m missing.
Below is where I’m getting my accessToken from the sdk and executing a request.
import { redirect } from 'next/navigation';
import { getAccessToken } from '@auth0/nextjs-auth0';
const apiServerUrl = process.env.API_SERVER_URL;
export default async function HomePage() {
const { accessToken } = await getAccessToken();
const response = await fetch(`${apiServerUrl}/protected/accountId`, {
headers: {
'content-type': 'application/json',
Authorization: `Bearer ${accessToken}`,
},
});
const responseData = await response.json();
const accountId = responseData.accountId;
redirect(`/${accountId}`);
return null;
}
I do see getAccessTokenSilently
is available in the react SDK, is that something I should switch to, or is there a way to do this with the nextjs sdk?
EDIT:
It looks like adding the following to my .env file automates fetching a new access token?
AUTH0_SCOPE='openid offline_access'
Am I right in assuming that I can be hands off of managing the refreshing of tokens with this? Here is my app/api/auth/[auth0]/route.js
import { handleAuth } from '@auth0/nextjs-auth0';
export const GET = handleAuth();