CODEWITHSUNDEEP
javascriptauth0
Matt Wilson
Matt Wilson

Reputation: 8319

Use refresh_token to obtain new id_token with Auth0 Lock 10 / Auth0.js 8?

I need to use a refresh_token (which I have stored) to obtain a new id_token from Auth0.

In version 9 of Auth0 Lock, there was a method to do this (as documented here):

lock.getClient().refreshToken(refresh_token, function (err, delegationResult) {
  // Get here the new JWT via delegationResult.id_token
});

In Lock 10, getClient() no longer exists, and this page suggests that you can instantiate your own instance of auth0.js. How do I do this?

I tried this:

return new auth0.WebAuth({
    domain: '...',
    clientID: '...'
});

but this object doesn't seem to have any useful methods on it. Again the old Auth0.js v7 library looks clear:

auth0.refreshToken(refresh_token, function (err, delegationResult) {
  // Get here the new delegationResult.id_token
});

How can this be achieved with auth0.js v8?

Upvotes: 2

Views: 468

Answers (2)

Matt Wilson
Matt Wilson

Reputation: 8319

As pointed out, renewAuth seems to be the new way to do this. However, it's also possible to make a manual HTTP call to the Auth0 api in order to get a new id token using a refresh token:

POST {yourAuth0Domain}/delegation

{
    client_id: "...",
    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
    refresh_token: "...",
    scope: "openid app_metadata"
}

Upvotes: 3

João Angelo
João Angelo

Reputation: 57718

According to the available documentation the way to obtain a new token using Auth0.js v8 is to use the renewAuth method.

The renewAuth method allows you to acquire a new token from Auth0 for a user who is already authenticated against the hosted login page.

Upvotes: 0

Related Questions