Aaron Granick

@darshantechh @HanCholoSupaFly Set the `pkce` option to `false` to support implicit flow. https://github.com/okta/okta-auth-js#implicit-oauth-20-flow

@sidsethupathi We have released a fix for this issue. After upgrading to `@okta/okta-react` [version 5.1.1](https://github.com/okta/okta-react/releases/tag/okta-react-5.1.1) you should see OAuth callback errors caught and displayed in the `LoginCallback` component. Please let...

@patkovskyi I do not think it is related to the signin-widget for 2 reasons: - widget does not read from token manager, so it should not trigger auto renew process...

@Dewar0019 The current version of `okta-react` uses a "passive" auto renew, so it will only attempt to renew tokens when they are read from the token manager. More information here:...

@nryoung Do you have multiple Okta apps running on the same domain? Is it possible other apps are reading/writing to the same token storage? Also are you using the `onSessionExpired`...

@amcdnl @EricHedden With current version of `@okta/okta-react` and `@okta/okta-auth-js` it should not be necessary to apply any workarounds or set an `isAuthenticated` function. Out of the box, standard token renews...

@PAronofsky Thank you for the question. As I understand it, this workflow is supported. Your iOS application can open a web view or launch an external browser to show the...

@PAronofsky In general we recommend using OIDC flow over the session token. That being said, I think your custom login page could pass the sessionToken directly to your native application...

I definitely support logging the error. Killing the process may be a bit severe. The Okta integration could be a small part of a much larger application.

@runingzebra To use refresh token in your app add "offline_access" to the list of requested scopes. Refresh token must also be enabled in your app's configuration in the Okta Admin...