Using universal login with a SPA which needs to authenticate against an API; the login flow is as follows: User arrives at site. If user is not logged in they are redirected to the Universal Hosted Login page On successful login user is redirected back to site We call getTokenSilently (this fails …

Is it currently impossible (without custom domains) to get a token with Safari browser?

dan.woda April 21, 2020, 9:09pm 3

Welcome to the Community!

Have you seen the refresh token rotation feature that we just released?

This should alleviate the need for silent auth via a third party cookie.

Let me know if that helps!
Dan

1 Like