We are facing the problem with the Safari login. We thought that moving to a custom subdomain would resolve the problem but it’s still there.
So we decided to try to activate the refresh token, therefore we activated the “OIDC Dynamic Application Registration” and added “Refresh Token” in grant types in order to be able to activate the “Refresh Token Rotation”, but this one is still unavailable and greyed out. What are we missing ? Do we need to move to the auth0-spa SDK in order to define “useRefreshTokens: true” (We’re using the auth0.js sdk) ?
Do you want OIDC Dynamic Client Registration? This is not the same as OIDC Conformant, which is one of the required settings for Refresh Token Rotation.
You should be able to create a new SPA application in the dashboard and have all of the settings for Refresh Token Rotation available. Sometimes it is easiest to create a new application in the dashboard rather than updating all of the settings of an existing app or the default app.