tyf
August 15, 2024, 8:40pm
3
Hey there @cache welcome to the community!
cache:
Edit: So I found out, that I can get a non-opaque JWT when specifying the audience int he authorization request. So far so good, but I don’t get a refresh token anymore? How could I refresh the access token without a refresh token?
Awesome, glad you were able to get this sorted You should definitely still be able to get refresh tokens in a SPA, and this is the recommended approach.
How to use refresh tokens in a SPA (Single Page Application)?
This is a common design pattern for SPAs implementing authentication and authorization using Auth0. While relatively straightforward, there are several steps required to get an app up and running with refresh tokens.
Step 1: Configure required settings in the Auth0 Dashboard
Be sure the SPA application in Auth0 has the Refresh Token grant type enabled
[Screenshot 2024-05-29 at 5.01.09 PM]
Confirm the Allowed Callback URLs are …
1 Like