Hi Ruben,
Access token is fixed now i having an issue of not getting a refresh token.
I steps i followed:
- Created a single page application.
- Added [http://127.0.0.1:9201 frontend domain] for Allowed Callback URL’s, Allowed Logout URL’s, Allowed Web Origins and Allowed Origins
- Since my backend[http://127.0.0.1:2000 ] is running on a different domain i have added that to Allowed Web Origins and Allowed Origins. I do not know whether its required or not but to be on safe side i added it.
- Enabled Rotation and set Reuse Interval as 1800 sec.
Creation of a new API
- Created a new API
- Set Token expiration to 3600 and Token Expiration for Browser rows 1800. [I observed that since front-end and backend are using the same audience setting the token expiration time in API reflects it in the front-end].
- Enable Allow Offline Access.
Configuring Augular
-
app.module.ts
AuthModule.forRoot({
useRefreshTokens: true,
domain: '',
clientId: '',
authorizationParams: {
audience: 'same as the backend',
scope: 'offline_access',
redirect_uri: window.location.origin,
},
errorPath: '',
httpInterceptor: environment.httpInterceptor,
}),
- When i look at the backend i am not receiving any refresh token and i was able to confirm it by refreshing the page a error message is displayed mentioning refresh token not available.
I believe it is something to do with the configuration. Appreciate your help