loginWithRedirect not storing token information in localStorage

Hello! I noticed that loginWithRedirect is not storing token information in localStorage when third party cookies are blocked, is this supposed to happen?

I’m trying to configure my app to use rotating refresh tokens in order to avoid ITP issues seen in Safari and other browsers with blocked third party cookies.

I saw this post about how setting cacheLocation: 'localstorage' could solve this problem ny storing all token related information in the localStorage, which is not happening.

I followed all the documentation related to rotating refresh tokens to make this work and still no luck. (Configure Refresh Token Rotation, Use Refresh Token Rotation).

I’m using the latest version of Auth0 Single Page App SDK

Hi @giancarlo.hernandez,

Welcome to the Community!

The post you linked is a good source of info regarding Refresh Token Rotation regarding blocked third-party cookies. You may also find some helpful info in this FAQ where I have tried to tie together a few resources on the topic: Why is authentication lost after refreshing my single page application?

Are you specifying the audience and scope when you initialize the Auth0Client?

Hi @stephanie.chamblee thanks for the response. I was able to solve this by calling handleRedirectCallback right after the redirect. I found it pretty weird that this is not present in the guides.

Anyways thanks for your help!

1 Like

Hi @giancarlo.hernandez,

I’m glad you were able to find the solution, and thank you for sharing it with the Community! Also, thanks for the feedback on the guides. I’ll pass that on to the appropriate team!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.