Id token and refresh token from in react app

Hello auth0 gurus,
I am trying to integrated my react app with auth0. and able to do that successfully thanks to this article: Auth0 React SDK Quickstarts: Login . However, I am not able to wrap my head around how to get the id token and refresh token post successful login. I checked the cookies, localstorage on my browser. nothing is seen. are there any documents that elaborate on this?

Also, how to get the nonce? I believe this is only available for access tokens.

thank you.

Hi @praskatti,

The React SDK stores the tokens in app memory by default. You can instead use local storage by adding cacheLocation="localstorage" to your Auth0Provider component, but there are security considerations with that method which you can read about here:

The Refresh Token will be returned to your app if:

  1. You API is configured to allow offline access: Register APIs
  2. The Auth0Provider contains the offline_access scope: scope="offline_access"
  3. The app is configured to allow refresh token rotation

The SDK will generate a nonce and send it with the oauth/authorize request when you call loginWithRedirect():

Thank you Stephanie.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.