Open shailendragautam123 opened 5 years ago
aarongranick-okta
commented
4 years ago @shailendragautam123 By default, the SDK will auto renew tokens before they expire. This functionality can be disabled by setting autoRenew: false in the configuration.
swiftone
commented
4 years ago Aaron describes the auto-renewal process - it may be worth noting that this is NOT done with a refresh token, as SPAs are not trusted with refresh tokens per OIDC recommended practices.
For more information on this particular topic, you can see https://developer.okta.com/docs/guides/refresh-tokens/overview/, but if you are just trying to get new access/id tokens while the users' SSO session with Okta is still valid, the auto renewal process described above covers that.
I am using Custom Login page that uses the Okta Sign-In Widget within the Angular application to authenticate the user, I am successfully able to authenticate and getting access token and Id token. But I want to know how can get refresh token to get updated access token if current access token got expire. Please guide me. Thanks