You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
and if the client sends the Origin header for code exchange request with POST /oauth/token call, Auth0, by default, prevents issuing tokens and throws this error.
Do not include the origin header when making a request.
The default setup doesn’t allow the use of non-rotating refresh tokens from browsers. If non-rotating refresh tokens must be used from the browsers, please open a support ticket with Auth0.
It doesn't look like it's possible to do this without getting personalized assistance from auth0. As this is not a high priority at the moment, I will put this on the backlog.
This will become more of a priority if the use case arises where users who have uploaded data to our platform actively want to programmatically retrieve that data.
Do not include the origin header when making a request.
https://community.auth0.com/t/the-offline-access-scope-was-requested-but-no-refresh-token-was-issued-error-message-after-deploying-spa/117730
The text was updated successfully, but these errors were encountered: