I have a mobile app that implements passwordless authentication for users, I’m able to get an access token, however, I’m unable to get a refresh token.
I’m sending a POST request to the /ouath/token endpoint, and passing offline_access to the scope.
Have a look here:
I am struggling with Auth0 apis since 48 hours (due to partially outdated, misleading documentation, imho).
I am able to request a mail link with the passwordless/start endpoint. I use a deep-link callback to get the accessToken once the user clicks on the email.
I have no problem to retrieve the JWT access token, but I cannot get a Refresh Token. And since the maximum timespan for tokens is 24 hours (86400), how can I renew the token without sending a new mail to the user?
Looks like it requires use of hosted login pages.
@luke.adams and @sa3eedo I have linked one of our terrific docs below on Hosted Login pages through Universal Login. Let me know if this helps shed some light on a solution for you @sa3eedo otherwise I would be happy to dive in deeper with you to get the problem resolved!
@James.Morrison - Just to confirm with this process we can use passwordless and get refresh tokens from a SPA? thanks
@luke.adams I wanted to follow up and let you know you can still use passwordless and refresh tokens from a Single Page Application. Thanks!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.