Please include the following information in your post:
Which SDK this is regarding: e.g. @auth0/auth0-react
SDK Version: 1.5.0
Platform Version: Chrome 91.0.4472.114
I noticed my SPA get redirected to auth0 everytime the access token expires (1 hour). Which means that users loose what they were doing when it happens (e.g. filling a form…). No need to say that it is pretty annoying !
I configured auth0 to use rotating refresh tokens. I presumed the SDK would call auth0 itself to renew the access token.
How may I avoid those redirects ? Is it a bug in the SDK ?
I think you need to have instead useRefreshTokens={true} in your Auth0Provider config from looking at the quickstart docs. Then, provided the API your audience is pointed at has Allow Offline Access enabled, the SDK should be able to obtain one when the user logs in and store it for use whenever the getAccessTokenSilently method is called and carry out the request in a hidden iFrame to avoid disrupting the user.
Well, useRefreshTokens and useRefreshTokens={true} are equivalent. But I’ll check the other points. I said “I configured” for convenience, but that’s team work and I don’t have admin access to our Auth0 account - so the delay. I let you know the outcome by tomorrow.
Hi @sgo, sorry to come back a bit late, but there is a good news. What was missing was indeed to enable Allow Offline Access. Then we don’t have anymore redirects, and the SDK refreshes access tokens with XHR requests.