Id token and refresh token from in react app

praskatti · June 1, 2021, 9:41am

Hello auth0 gurus,
I am trying to integrated my react app with auth0. and able to do that successfully thanks to this article: Auth0 React SDK Quickstarts: Login . However, I am not able to wrap my head around how to get the id token and refresh token post successful login. I checked the cookies, localstorage on my browser. nothing is seen. are there any documents that elaborate on this?

Also, how to get the nonce? I believe this is only available for access tokens.

thank you.
Prasad

stephanie.chamblee · June 1, 2021, 5:34pm

Hi @praskatti,

The React SDK stores the tokens in app memory by default. You can instead use local storage by adding cacheLocation="localstorage" to your Auth0Provider component, but there are security considerations with that method which you can read about here:

The Refresh Token will be returned to your app if:

You API is configured to allow offline access: Register APIs
The Auth0Provider contains the offline_access scope: scope="offline_access"
The app is configured to allow refresh token rotation

The SDK will generate a nonce and send it with the oauth/authorize request when you call loginWithRedirect():

praskatti · June 2, 2021, 4:38pm

Thank you Stephanie.

system · June 17, 2021, 4:39pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.