Refreshing page makes web request with no token in header

scott14 · April 11, 2024, 2:01pm

Hi All!

We have a pretty simple website, React frontend and .NET core on the backend. We are using Auth0 and setup JWT bearer authentication.

If we go to the website (https://mywebsite.com), it will either bring us to the auth0 login screen or pass us through to the app with cached creds. From the website we can then navigate to a page, https://mywebsite.com/Object/1. That page makes a request to the backend for data.

I can see in that request that the bearer token is included in the request.

If I were to just refresh that page now, it will make the same request and will come back with a 401. I can see by examining the request, when I refresh the page, it does not include the bearer token.

How can I address this?

Thank u!

tyf · April 12, 2024, 2:56pm

Hey there @scott14 !

This is expected behavior as auth0-react stores tokens in memory by default and therefore not persisted across page reloads. You can look into using getAccessTokenSilently when calling your API to work around this:

github.com

auth0/auth0-react/blob/main/EXAMPLES.md#call-an-api

# Examples

- [Use with a Class Component](#use-with-a-class-component)
- [Protect a Route](#protect-a-route)
- [Call an API](#call-an-api)
- [Protecting a route in a `react-router-dom v6` app](#protecting-a-route-in-a-react-router-dom-v6-app)
- [Protecting a route in a Gatsby app](#protecting-a-route-in-a-gatsby-app)
- [Protecting a route in a Next.js app (in SPA mode)](#protecting-a-route-in-a-nextjs-app-in-spa-mode)
- [Use with Auth0 organizations](#use-with-auth0-organizations)
- [Protecting a route with a claims check](#protecting-a-route-with-a-claims-check)

## Use with a Class Component

Use the `withAuth0` higher order component to add the `auth0` property to Class components:

```jsx
import React, { Component } from 'react';
import { withAuth0 } from '@auth0/auth0-react';

class Profile extends Component {

This file has been truncated. show original

system · April 26, 2024, 2:57pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to add JWT to auth header for full page request? Help jwt	2	3286	August 26, 2019
Auth0-react maintaining authentication on page refresh Help refresh , auth0-react	2	3444	January 12, 2021
Secure serverless ZEIT API with Auth0 JWT Bearer Token Help jwt , api , auth0js , js , react	8	5342	August 21, 2020
Refresh Token for reload page Help auth0 , auth0js , react	4	4976	September 28, 2021
New token on each page reload? Help auth0-spa-js	2	3274	November 11, 2020

Refreshing page makes web request with no token in header

Related topics