how to use okta refresh token in react app

Question

Can someone guide on how to use okta refresh token in a react app? Checked the documentation but didnt help much,

for eg, what is the state in below request?

**GET https://${yourOktaDomain}/oauth2/default/v1/authorize?client_id=${clientId}
 &response_type=code
 &scope=openid%20offline_access
 &redirect_uri=ourApp%3A%2Fcallback
 &state=237c671a-29d7-11eb-adc1-0242ac120002**


this is my okta config   oidc: {
    clientId: CLIENT_ID,
    issuer: ISSUER,
    redirectUri: REDIRECT_URI,
    scopes: ['openid', 'profile', 'email'],
    pkce: true,
    disableHttpsCheck: OKTA_TESTING_DISABLEHTTPSCHECK,
    postLogoutRedirectUri:REDIRECT_URI,
    responseType: ['id_token', 'token','refresh_token'],
  },
  resourceServer: {
    messagesUrl: 'http://localhost:8000/api/messages',
  },

Answer 1

Checkout https://github.com/okta/okta-auth-js#tokenmanagerrenewkey You don't even need a refresh token, necessarily, if you have an active session.

Answer 2

You need to request offline scope to get a refresh token, assuming your app/authZ server allow that in their policy

Answer 3

If you want to use okta with react you should check here.

To get tokens in your app, the authorization server will redirect back to the react app with the token in a parameter.

I'm guessing okta has a client library for that if they are charging for it.