Is it possible to get a refresh token via the email passwordless OTP flow on an SPA?
I am parsing offline_access
to the relevant scopes. Our settings are enabled for refresh tokens and offline_access
within the application.
My response I get back through parseHash
is always returning null.
It states here that it is possible, but does it mean via SMS? Or email as well?
public passwordlessSendOTP(email: string) {
return new Promise<Auth0DecodedHash>((resolve, reject) => {
this.auth.passwordlessStart(
{
connection: "email",
email,
send: "code",
},
(err, result) => {
if (err) {
reject(err);
} else {
resolve(result);
}
},
);
});
}
public passwordlessLogin(code: string, email: string) {
return new Promise<Auth0DecodedHash>((resolve, reject) => {
this.auth.passwordlessLogin(
{
connection: "email",
email: email,
verificationCode: code,
responseType: "code id_token token",
scope: "openid profile email offline_access",
},
(err, result) => {
if (err) {
reject(err);
} else {
resolve(result);
}
},
);
});
}
public passwordlessCallback(hash: string) {
return new Promise<Auth0DecodedHash>((resolve, reject) => {
this.auth.parseHash({ hash }, function (err, authResult) {
if (err) {
return reject(err);
}
if (!authResult) {
return reject();
}
});
});
}