Refreshing page makes web request with no token in header

Hi All!

We have a pretty simple website, React frontend and .NET core on the backend. We are using Auth0 and setup JWT bearer authentication.

If we go to the website (, it will either bring us to the auth0 login screen or pass us through to the app with cached creds. From the website we can then navigate to a page, That page makes a request to the backend for data.

I can see in that request that the bearer token is included in the request.

If I were to just refresh that page now, it will make the same request and will come back with a 401. I can see by examining the request, when I refresh the page, it does not include the bearer token.

How can I address this?

Thank u!

Hey there @scott14 !

This is expected behavior as auth0-react stores tokens in memory by default and therefore not persisted across page reloads. You can look into using getAccessTokenSilently when calling your API to work around this:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.