I have a working SPA + API server (thanks to Steve’s QuickStart). The majority of times I receive a full length accessToken and idToken. The accessToken works with my API server. But I am seeing random failures to get a full JWT access_token. I end up receiving a short token that cannot be used by my API server.
- Start SPA, login using auth0.WebAuth.authorize(…)
- I receive a short accessToken and a full length idToken.
I check my Auth0 logs https://manage.auth0.com/dashboard/us/dev-xxxxx-yy/logs and I do not see any problems. All logins are reported as success.
I am keeping a list of datetime and authResults that contain short access tokens.
If I logout and login with the same user account I usually get a full length accessToken and idToken.
Any ideas as to what is going wrong?