Mobile App Save Token Flow Question

Hi there, firstly – I’m new to community so I apologize if I put this in the wrong spot.

I’m building a react native app that will interact with APIs that I also write/manage. I have found Auth0 documentation for implementing this flow, but one thing I’m not sure on is where/when to save the tokens. I want to be sure I nail this step, because I feel like it has the potential to reduce the safety of the flow by a great deal if I don’t do it correctly.

Here is the flow as I understand it (no error handling, only happy-path for sake of brevity):

  • A user enters the app for the first time, or is not already logged in
  • They log in using the Auth0 web-login-thingy
  • I receive a token
  • I can use the token to authenticate with my API

Do I store that token? I don’t want my users to have to log in every time they use the app. If I do store the token, where do I store it?

If I’m not storing it, what do I do? Do I ping an authentication/authorization endpoint with Auth0 every time they open the app and get a new token?

I’m a little lost here, so any help is good help.

Thanks!!

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?