I have struggled to implement the desired behavior of access-refresh tokens.
The access token has an expiry time of 10 mins.
After getting 401 (or before) I expected that auth0 would get a new one using the refresh token, which is in one-time use, and then return to the app new tokens until the refresh token is invalid anymore, and that’s the end of the session.
Although I have set up everything as the guides, after 10 min and after the access token expired I’m getting 401 instead of new tokens.
Adding my react code conf:
after 10 min passed:
and it stays like that until I refresh the page, which is bad
Do I need to do other things besides that?
I tried to make an axios interceptor to call /token when getting 401 but it failed. (The whole point it that auth0 should the care of that)
The access token is valid for 10 minutes in the auth 0 dashboard,
The refresh token absolute lifetime is 14 days
The inactivity set to week
The reuse in 0
and the id token for 36000 secs.
Thank you very much