Lock.Android: Refresh JSON Web Tokens
When authentication is performed with the offline_access
scope included, a Refresh Token is returned with the credentials. This value can be used to request a new Access Token and avoid asking the user their credentials again.
Tokens must be stored in a secure storage after a successful authentication. Keep in mind that Refresh Tokens never expire. To request a new token, use Auth0.Android
's AuthenticationAPIClient
.
Using Refresh Token
val refreshToken: String = // Retrieve Refresh Token from secure storage
val account = Auth0(this)
val client = AuthenticationAPIClient(account)
client.renewAuth(refreshToken)
.start(object: Callback<Credentials, AuthenticationException> {
override fun onFailure(exception: AuthenticationException) {
// Error
}
override fun onSuccess(credentials: Credentials) {
// Use the credentials
}
})
Was this helpful?
/