Saving and Refreshing JWT Tokens


This document covers an outdated version of Lock for iOS. We recommend you to upgrade to v2

When an authentication is performed with the offline_access scope included, it will return a Refresh Token that can be used to request a new JWT token and avoid asking the user his/her credentials again.

We are using SimpleKeychain to handle iOS Keychain access.

First thing we need to do is store the ID Token and Refresh Token in the iOS Keychain after a successful authentication.

Once you have those stored, you can at any point request a new ID Token using either of by calling to Auth0`s delegation endpoint.

Using a non-expired ID Token

Using Refresh Token

Retrieving the user profile from Keychain

If you need to show profile information in your application, just retrieve the saved profile and pick what you need. For example: