Refreshing page makes web request with no token in header

Hi All!

We have a pretty simple website, React frontend and .NET core on the backend. We are using Auth0 and setup JWT bearer authentication.

If we go to the website (https://mywebsite.com), it will either bring us to the auth0 login screen or pass us through to the app with cached creds. From the website we can then navigate to a page, https://mywebsite.com/Object/1. That page makes a request to the backend for data.

I can see in that request that the bearer token is included in the request.

If I were to just refresh that page now, it will make the same request and will come back with a 401. I can see by examining the request, when I refresh the page, it does not include the bearer token.

How can I address this?

Thank u!

Hey there @scott14 !

This is expected behavior as auth0-react stores tokens in memory by default and therefore not persisted across page reloads. You can look into using getAccessTokenSilently when calling your API to work around this:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.