Lock.Android: Refresh JSON Web Tokens

When authentication is performed with the offline_access scope included, a Refresh Token is returned with the credentials. This value can be used to request a new Access Token and avoid asking the user their credentials again.

Tokens must be stored in a secure storage after a successful authentication. Keep in mind that Refresh Tokens never expire. To request a new token, use Auth0.Android's AuthenticationAPIClient.

Using Refresh Token

val refreshToken: String = // Retrieve Refresh Token from secure storage
val account = Auth0(this)

val client = AuthenticationAPIClient(account)
  .start(object: Callback<Credentials, AuthenticationException> {
  override fun onFailure(exception: AuthenticationException) {
       // Error

   override fun onSuccess(credentials: Credentials) {
       // Use the credentials

Was this helpful?