Silent Authentication Failing - Consent Required

We have a SPA where we are storing permissions in the app_metadata and then have a rule that puts that metadata in the access token.

We would like to be able to use silent authentication to get new access tokens every so often, or if a user receives new permissions.

After a lot of troubleshooting, I’ve found and followed this tutorial –

I downloaded this demo and noticed that the access token coming back wasn’t a jwt. So I added my audience so it would be a jwt. And it works totally fine. Whenever I click on renew token, a brand new token comes back.

However, when I try this in my own project, I keep getting this “Consent Required” error message. I understand that it’s because I’m on localhost and it’s not treated like first party. But when I download the demo and try it, I don’t get the consent required thing – so there’s clearly a way around it.

Here’s my WebAuth:

this.auth0 = new auth0.WebAuth({
   domain: MY_DOMAIN
   clientID: MY_CLIENT_ID
   redirectUri: MY_CALLBACK_URL
   responseType: "token id_token"
   scope: "openid email profile"
   audienct: MY_AUDIENCE

And then I’m having this.renewSession load on every page refresh for testing.

 renewSession = () =>  {
    console.log("renewing session")
    this.auth0.checkSession({}, (err, authResult) => {
        if (authResult && authResult.accessToken && authResult.idToken) {
        } else if (err) {
          alert(`Could not get a new token (${err.error}: ${err.error_description}).`);

and setSession here

setSession = authResult => {
    // set time that the access token will expire
    const expiresAt = JSON.stringify(
      authResult.expiresIn * 1000 + new Date().getTime()

    localStorage.setItem("access_token", authResult.accessToken);
    localStorage.setItem("id_token", authResult.idToken);
    localStorage.setItem("expires_at", expiresAt);

Any help would be greatly appreciated! I haven’t noticed any crazy discrepancies between the demo’s config and my own but I still get the error saying consent is required.

After leaving it for the weekend and coming back, it seems to work just fine now. Not sure exactly what I did to change this, but all is good now.


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.