When updating the currently logged in user information in our application, we are successfully sending the new information to Auth0, and we can see the user information in the dashboard get updated.
However, the JWT that is being used still has the old information in it. Is it possible to get the JWT updated automatically when the user info is updated?
For example, we have a ‘profile’ page, that allows the user to update their name, email, and phone number. The request is successful to the /users/{uuid} endpoint. The token information that is stored in our app in now stale, and is only updated when the user signs out and back in. Can we make a subsequent request to have that updated without user interaction?
Hey there @christina!
Thanks for the detailed description of your use case.
It sounds like you might want to look into using silent authentication. For example, our spa-js SDK provides a getTokenSilently method with an option of ignoreCache
- This will essentially force getTokenSilently
to make the request to Auth0 even if the current token(s) are still valid.
Hope this helps!
Thank you for the quick response!
So getAccessTokenSilently makes a call to Auth0 to get a new access token, and then we use that to make a call to /userinfo to get the most up to date user information, yes? Which endpoint does getAccessTokenSilently make a call to? /authorize? If possible, we would prefer to make the call directly instead of using a method.
No problem!
Correct - It will initiate a call to /authorize with prompt=none
parameter. The new token(s) returned should have the updated data. You could also user any non-expired access token to hit /userinfo
for the updated profile information. For example, if you update the user’s profile info and have an access token/id token from prior to the update, the access token should still work to retrieve the latest info from /userinfo.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.