I am using the Auth SPA SDK in a React SPA and I understand that I should not use a refresh token and only use the in-memory copy of the token. The docs mention that the SDK handles session management and other details. Where can I find out more about these details?
The SDK offers the “getTokenSilently” method to automatically refresh the token after it expires. I am not using the Auth0Context.Provider to wrap my app, but rather the vanilla JS version where I instantiate the auth0 client directly since my entire app needs to be behind the login flow. Given that I don’t render my app unless the user is properly authenticated, how can I check that the token expired?
I don’t know much about react because I use Angular. Please take a look at Angular guide too because underlying methods is the same. Angular guide is well-explained about Auth0Client methods imo.