[AUTH0 IdToken Refresh]: how to get a refresh_token to get a new idToken and pass it on when it expires

eduardocampos · December 24, 2021, 6:11am

Hello

I would like to know if you could help me how to get a refresh_token to get a new idToken and pass it on when it expires.

I currently detect when it expires with graphql Error, and I call the api/auth/login in nextjs.

I’m using nextjs-auth0 + auth0 as Authentication Profiles.

Everything else works ok, I would just like to know how they solved the issue of refreshing the IdToken with auth0.

I have read everything but without options to solve it.

or if the solution is simply to make the user log in again?

Thank you!

lada.kokotova · December 24, 2021, 10:34am

Hello!

Sorry about the long wait. I’ll give you a response soon.

Lada Kokotova | Technical Support Engineer

lada.kokotova · December 24, 2021, 12:00pm

You can get refreshToken with userLogin mutation:

mutation {
  userLogin(data:{
    email: "your_email",
    authProfileId: "your_authProfileID",
    password: "your_password"
  }) {
    success
    auth{
        idToken
        refreshToken
    }
  }
}

Then just pass it to update your idToken:

mutation {
  userRefreshToken(data:{
    email: "your_email"
    refreshToken: "token_from_previous_mutation"
    authProfileId: "your_authProfileID"})
  {
    refreshToken
    idToken
  }
}

Please let us know if you need more help with auth logic.

Lada Kokotova | Technical Support Engineer

jetixsolorzano · December 24, 2021, 4:21pm

How many time can I do this?, or can I do it every time that I want?

lada.kokotova · December 24, 2021, 7:37pm

You can use this whenever you need it.

Lada Kokotova | Technical Support Engineer

eduardocampos · December 27, 2021, 8:29am

Thanks for responding.

If this works for authentication with native 8base, but I’m using Auth0-nextjs. https://github.com/auth0/nextjs-auth0

Everything works fine but the idToken expires and I would like to see if there is the refresh token option. or if you managed to solve it in some way.

I currently have it like this:

The user login
Graphql “Token expired” error
Redirect to Login - /api/auth/login
I get a new session with “idToken”.

The flow I’m thinking of is:

The user login
Graphql “Token expired” error
Get refresh token Auth0
I pass the new token
I get a new session with “idToken”.

lada.kokotova · December 27, 2021, 10:19am

Hello!

The flow you are thinking of should work just fine with custom Auth0 authethication profile. What are your concerns about Auth0-nextjs?

Lada Kokotova | Technical Support Engineer