Hey all. We’re using the auth0/react-native-auth0 package to log in our users.
const credentials = await auth0.webAuth.authorize({
scope: 'openid profile email offline_access',
audience: 'our-company-audience',
});
And the credentials
object that is returned contains an accessToken
, refreshToken
, and an idToken
. We use the jwt idToken
to communicate with our API. However, this token expires and we need to refresh it.
One might think that you would then need to use the auth0.auth.refreshToken({ refreshToken })
method which we have tried. It returns a successful response with a new token back but that new token is invalid (idToken
isn’t signed the same way?).
So then we also tried hitting the endpoint directly with axios
await axios.post(
'https://our-domain.auth0.com/oauth/token',
{
scope: 'openid profile email offline_access',
domain: 'our-domain.auth0.com',
client_id: 'our-client-id',
grant_type: 'refresh_token',
audience: 'our-audience',
refresh_token: refreshToken,
},
);
Which gives us a token back but it is still also invalid.
How are we able to refresh the original idToken?