Refreshing page makes web request with no token in header

scott14 · April 11, 2024, 2:01pm

Hi All!

We have a pretty simple website, React frontend and .NET core on the backend. We are using Auth0 and setup JWT bearer authentication.

If we go to the website (https://mywebsite.com), it will either bring us to the auth0 login screen or pass us through to the app with cached creds. From the website we can then navigate to a page, https://mywebsite.com/Object/1. That page makes a request to the backend for data.

I can see in that request that the bearer token is included in the request.

If I were to just refresh that page now, it will make the same request and will come back with a 401. I can see by examining the request, when I refresh the page, it does not include the bearer token.

How can I address this?

Thank u!

tyf · April 12, 2024, 2:56pm

Hey there @scott14 !

This is expected behavior as auth0-react stores tokens in memory by default and therefore not persisted across page reloads. You can look into using getAccessTokenSilently when calling your API to work around this:

github.com

auth0/auth0-react/blob/main/EXAMPLES.md#call-an-api

# Examples

- [Use with a Class Component](#use-with-a-class-component)
- [Protect a Route](#protect-a-route)
- [Call an API](#call-an-api)
- [Protecting a route in a `react-router-dom v6` app](#protecting-a-route-in-a-react-router-dom-v6-app)
- [Protecting a route in a Gatsby app](#protecting-a-route-in-a-gatsby-app)
- [Protecting a route in a Next.js app (in SPA mode)](#protecting-a-route-in-a-nextjs-app-in-spa-mode)
- [Use with Auth0 organizations](#use-with-auth0-organizations)
- [Protecting a route with a claims check](#protecting-a-route-with-a-claims-check)

## Use with a Class Component

Use the `withAuth0` higher order component to add the `auth0` property to Class components:

```jsx
import React, { Component } from 'react';
import { withAuth0 } from '@auth0/auth0-react';

class Profile extends Component {

This file has been truncated. show original

system · April 26, 2024, 2:57pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Persisting Login Between Refreshes Help	12	25671	June 1, 2019
Why does session expire after page refresh? Help	7	11053	July 23, 2019
withAuthenticationRequired - When I refresh the page it doesn't redirect Help help , gatsby	0	3186	June 30, 2021
Persisting login on refresh with refresh token rotation Help auth0 , login	3	5837	February 11, 2021
401, Bearer error="invalid_token", The audience is invalid Help jwt	4	28147	July 28, 2021

Refreshing page makes web request with no token in header

Related Topics