We recently switched from localstorage to memory as the cacheLocation. We also added custom domains and rotating refresh tokens.
When a user logs in and goes through MFA two things can happen depending on their actions:
- If the user checks “Remember this device for 30 days.”, the user is logged in normally.
- If the user DOES NOT check the “Remember this device for 30 days.”, the user is logged in normally but then redirect back to the MFA page after a few seconds.
createAuth0Client({
...other properties
code_challenge: codeChallenge,
code_challenge_method: "S256",
useRefreshTokens: true
})
Update 1:
getTokenSilently fails with the error Error: Multifactor authentication required after passing isAuthenticated and handleRedirectCallback calls.