But this does not work, in my auth0 logs I still see errors about silent auth failing because MFA is required. Users cannot access the site because auth0-react redirects back to login after failing silent auth.
It sounds like your application is not fully configured to use refresh tokens - If it is, you should see successful refresh token exchange events (sertft) in your logging. I’d need to test with a rule/action in place, but I’m curious if you run into this with successful successful refresh token exchanges occurring.
If you’d like to share the SDK you’re working with and any related config that could be helpful - Keep us posted!
Refresh tokens seem to work for SSO, I see a lot of successful refresh token exchange events for these connections (99% of our dev testing uses SSO connections). I’m assuming the application is set up correctly (I’m just a backend dev, not too familiar with the react sdk).
I found Configure Silent Authentication and adapted it into an action and this seems to have fixed things, at least in our development env. Will continue testing this tomorrow.