I’ve created a Regular Web Application
for an Express-NodeJS application using express-openid-connect
. The config for auth is like this:
"authConfig": {
"authorizationParams": {
"response_type": "code",
"audience": "**audience**",
"scope": "openid profile email offline_access"
},
"authRequired": false,
"auth0Logout": true,
"baseURL": "**baseURL**",
"clientID": "**client_id**",
"clientSecret": "**client_secret**,
"issuerBaseURL": "**issuer_base_url**",
"secret": "**secret**",
"idpLogout": true
},
For endpoints protected requiresAuth, the request.oidc
property contains accessToken, but the refreshToken is always undefined.
The application on Auth0 portal is also configured to use refreshTokens.When the accessToken expires, and refresh function in the accessToken is invoked, an error stating “refresh_token is missing from the TokenSet” is shown.
Could you guys please guide me if I’m doing anything wrong here?