We have never used Roles+Permissions before so this has never been an issue on our backend. But now we need to use Permissions and therefore we created a new API in the Auth Dashboard and replaced the MANAGEMENT_API_IDENTIFIER with our new API in the audience.
We do not want all of our users to sign in again once we release the new client, so how can we get a new access token or re-authenticate silently but to our new API audience instead?
I understand that you want to know if changing the audience will require your users to log in again.
I did a quick test to see if changing the audience to a different API required the users to log in again and it looks like it does indeed require a new login. Are you able to set up a test environment to see if you get the same behavior?
Calling auth0.webAuth.authorize does not take any previous access, refresh nor id-Token, therefore it will always ask user again to re-authenticate.
And unfortunately the refresh token endpoint /oauth/token does not take an audience and therefore my question how to get an accessToken with the new audience.