SSR by use of refresh tokens

Does Auth0 support SSR using the refresh token pattern?

This article gives great insight into how the pattern works

Hi @bfayle,

welcome the community.

Do you mean whether Auth0 can also act as an SSR server (-> it does not), or whether it can be used in combination with such?
(I have not read the entire article but just the SSR part, and some parts weren’t very clear to me, esp. the separation of SSR and Auth server).

What surprised me in the linked article is that they recommend to store the refresh token in a cookie on the client. (I also read the comments at the bottom, unfortunately they weren’t replied by the author)

In the end I ditched Auth0 in favor of Firebase authentication which support SSR via a service worker strategy quite elegantly.

https://firebase.google.com/docs/auth/web/service-worker-sessions

For SSR you need to allow the backend to determine if a user is authenticated so it can render pages intelligently