Timeout when using renewAuth in Ionic 2 -- how do I format the callback Uri?

Using auth0 in Ionic 2 with success, but I am not getting any response from the renewAuth method, and I believe it is because I am not properly formatting my silent callback Url. Or perhaps not posting a message from the calback page properly. This is an Ionic 2 application deployed to Android.

I am pasting my screen so you can see both the code and my directory structure.

![alt text][1]

…and the error

![alt text][2]





<ion-content padding>
    <script type="text/javascript">
      parent.postMessage(window.location.hash, "https://io.rivals.app/");

Any help?

Hello? Can anybody help me?

Let me know if you need more information. I am thoroughly stumped on this one, and I can’t find any good info on the exact method of formatting my redirect Uri for an Ionic 2 application.\

The Quickstart sample for Auth0 does not include a renewAuth flow, it would be great if it did.

Thanks, Marc

Although the client application is using Javascript it is still considered a native application. As such the most appropriate flow would be to use an OAuth2 authorization code exchange and request the issuance of refresh tokens. With a refresh token the application could continue to obtain new tokens without requiring the whole authentication process again.

The Ionic2 quickstart shows how to perform the above exchange (it uses the PKCE version, which is slightly different than the regular code exchange, but allows for the same). The renewAuth approach is mostly usable for web applications that run on the browser and as such cannot leverage refresh tokens directly.

In conclusion, follow the Ionic2 quickstart and then use a refresh token exchange to further renew access tokens.

In Ionic 2, it’s not clear how to use npm modules such as Request. Trying to use http service from within my auth-service module, but I am getting a 401 error “unauthorized”.

Any HTTP client should suffice, even the http one. The unauthorized error may happen if you configured the client application in Auth0 to require client authentication and then you’re not performing the request with authentication. However, native applications by default should not be required to do it so ensure you are using the proper client application type.