Disable Refresh Token Rotation

You can disable refresh token rotation for each application using Dashboard or the Management API.

Disable with the Dashboard

  1. Go to Dashboard > Application Settings and scroll to the Application Tokens section.

  2. Next to Refresh Token Behavior select Non-Rotating.

    Disable Refresh Token Rotation Screen

  3. Click Save Changes.

Disable with the Management API

  1. Disable refresh token rotation for each application using the Management API:

    to configure this snippet with your account
    const auth0 = await createAuth0Client({
          domain: '{yourDomain}',
          client_id: '{yourClientId}',
          audience: '{yourApiIdentifier}',
          useRefreshTokens: false
        });

    Was this helpful?

    /

  2. Configure the non-rotating refresh token settings as follows:

    PATCH /api/v2/clients/{client_id}
        {
          "refresh_token": {
        "rotation_type": "non-rotating",
        "expiration_type": "non-expiring"
          }
        }

    Was this helpful?

    /

Learn more