i am refreshing id_token using (auth0 iOS SDKs) this method:
credentialsManager.credentials { error, credentials in
guard error == nil, let credentials = credentials else {
// Handle Error, Present Login Page
}
// Valid credentials, you can access the token properties such as `idToken`, `accessToken`.
}
id_token also get refresh, but after some time i can not call any APIs using this refreshed token. is there any problem with method i am using or backend has some authorisation issues? Please help i am about to live my application. Any help will be highly appreciated.
i can not call any APIs using this refreshed token
Note that an ID Token isn’t meant to protect an API, that’s the task of an access token. Can you confirm that you’re using the access token and not the ID token to call your API? (But since it seems to work in the beginning, I assume you do that already; asking this just because you explicitly mentioned the ID token in your question).
Regarding the code snippet, that should be fine and automatically refreshing the token when expired, so don’t see anything wrong with it.
https://auth0.com/docs/libraries/auth0-swift/save-and-refresh-jwt-tokens:
Renewing a user’s credentials works exactly the same way, if the token has expired. The Credentials Manager will automatically renew the credentials, then store the renewed credentials to the Keychain and finally return them in the closure.
What kind of backend (technology stack) is that, could you share the code how you’re using and valdiating the token on the backend side. In any case, you could do some debugging and parse and check the expiration of the access token on the backend side.