I’ve got a React app with a Node.js backend and a cloud database. I’m new to Auth0 and trying to get it all set up. I had simple user authentication set up using the React API, no problem. Now I’m trying to use refresh tokens with shorter access token expiration times, to hopefully make it more secure.
I have middleware that checks the expiration date of the authorization access token coming into my axios calls. If they are expired I was planning to use the refresh token to get new access tokens. I can use the refresh token from my database to get new tokens as follows:
tokenData: {
  access_token: '…',
  refresh_token: '…',
  id_token: '…',
  scope: 'openid profile offline_access',
  expired_in: xxxx,
  token_type: 'Bearer'
}
I store the new refresh token in my database and try to replace the authorization access token in the axios header with the new one:
req.headers.authorization = `Bearer ${newTokens.access_token}`;
And was hoping everything would continue, however it appears the access token I receive back is malformed, or it might be a JWE (encrypted) token? Either way, when I try and use it as is, I get errors saying it is an invalid token.
Any help is appreciated!
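One way to tell which of the cases raised in the question a returned access token falls into, shown as an added example that is not part of the original post. It relies only on the compact serialization formats (three dot-separated segments for a signed JWT, five for a JWE); `classifyToken`, `decodeSegment` and the sample tokens are hypothetical names and constructed values, and nothing here verifies a signature.

```javascript
// Added example: classify a bearer token before middleware tries to read its expiry.
// Sample tokens are constructed and unsigned; this is a format check, not validation.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

function decodeSegment(seg) {
  try {
    return JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));
  } catch {
    return null; // segment is not base64url-encoded JSON
  }
}

function classifyToken(token, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  const header = decodeSegment(parts[0]);
  if (header === null || typeof header !== 'object') {
    return { kind: 'opaque' }; // no readable header: treat as an opaque reference token
  }
  if (parts.length === 5 && header.enc) {
    // JWE: the claims are ciphertext, so exp cannot be read without the decryption key.
    return { kind: 'jwe', alg: header.alg, enc: header.enc };
  }
  if (parts.length === 3) {
    const claims = decodeSegment(parts[1]);
    if (!claims) return { kind: 'malformed' };
    // Signed JWT: exp is readable, but the signature must still be verified server-side.
    const expired = typeof claims.exp === 'number' ? claims.exp <= nowSec : null;
    return { kind: 'jws', alg: header.alg, exp: claims.exp, expired };
  }
  return { kind: 'malformed' };
}

// Constructed sample inputs (not real tokens).
const NOW = 1700000000;
const sampleJws = [b64url({ alg: 'RS256', typ: 'JWT' }),
                   b64url({ sub: 'user-1', exp: NOW - 60 }), 'sig'].join('.');
const sampleJwe = [b64url({ alg: 'dir', enc: 'A256GCM' }), '', 'iv', 'ct', 'tag'].join('.');
const sampleOpaque = 'c29tZS1yYW5kb20tb3BhcXVl';

for (const t of [sampleJws, sampleJwe, sampleOpaque]) {
  console.log(classifyToken(t, NOW));
}
```

A result of `jwe` or `opaque` means expiry has to come from the token response rather than from decoding the token itself.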