Hey there .
I have a React SPA that I want to do some user interaction tracking for. To do that, I need a “session ID”.
We’re using the
auth0-react SDK. So, let’s say we set the cacheLocation option in the provider to
localstorage. This feels like something that could serve as an ersatz session id if we encrypted it. Problem though: if the token is about to expire and we get a new one when we call
getAccessTokenSilently, now this looks like two sessions, but it’s really the same session from an analytics perspective.
I’ve seen documentation about the context object in rules (referenced in this similar question), but I’m not sure if any of these options actually provide what I need.
context.sessionID sounds like an obvious choice, but I’m not sure what this means:
Value is kept only if
prompt=noneis used in the authorization request. Note that the session ID can change after rule execution on other flows, so the value available in
context.sessionIDmight not match the new session ID that the user will receive.
and if that would affect how viable it would make it for my usecase.