Hello! I noticed that loginWithRedirect is not storing token information in localStorage when third party cookies are blocked, is this supposed to happen?
I’m trying to configure my app to use rotating refresh tokens in order to avoid ITP issues seen in Safari and other browsers with blocked third party cookies.
I saw this post about how setting cacheLocation: 'localstorage' could solve this problem ny storing all token related information in the localStorage, which is not happening.
The post you linked is a good source of info regarding Refresh Token Rotation regarding blocked third-party cookies. You may also find some helpful info in this FAQ where I have tried to tie together a few resources on the topic: Why is authentication lost after refreshing my single page application?
Are you specifying the audience and scope when you initialize the Auth0Client?
Hi @stephanie.chamblee thanks for the response. I was able to solve this by calling handleRedirectCallback right after the redirect. I found it pretty weird that this is not present in the guides.
I’m glad you were able to find the solution, and thank you for sharing it with the Community! Also, thanks for the feedback on the guides. I’ll pass that on to the appropriate team!