We are using access type claims in Okta which are included in the JWT at login time. If while a user is logged in there are some changes to the values of any of these claims, those changes are not reflected in the JWT until a new one is generated. Is there a way to force the regeneration of a JWT on demand rather than waiting for the JWT to expire or having to log out and then log in again?
If you have a valid Okta session, you can pass along a session token to get a new access token. This is also known as the API-based user sign-in flow. Note, this relies on third-party cookies.
Here’s the method in okta-auth-js: GitHub - okta/okta-auth-js: The official js wrapper around Okta's auth API
API: OpenID Connect & OAuth 2.0 API | Okta Developer
Alternatively, if you have a refresh token, you can get a new set of access tokens in exchange.
Thanks. I will try and check that out.
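The refresh-token exchange suggested in the answer above, as an added example that is not part of the original thread and is not Okta's code: it builds the standard OAuth 2.0 `refresh_token` grant request for a public client and then diffs the watched claims between the old and new access token. The token endpoint URL, client id, the `accessType` claim name and the sample tokens are constructed placeholders.

```javascript
// Added example. Endpoint, client id, claim names and tokens are constructed placeholders.

// Build the OAuth 2.0 (RFC 6749 section 6) refresh request for a public client (no secret).
function buildRefreshRequest(tokenEndpoint, clientId, refreshToken, scope) {
  const body = new URLSearchParams({
    grant_type: 'refresh_token',
    refresh_token: refreshToken,
    client_id: clientId,
    scope,
  });
  return {
    url: tokenEndpoint,
    init: {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded', Accept: 'application/json' },
      body: body.toString(),
    },
  };
}

// Send the request; the JSON response carries the new access_token.
async function refreshAccessToken(tokenEndpoint, clientId, refreshToken, scope) {
  const { url, init } = buildRefreshRequest(tokenEndpoint, clientId, refreshToken, scope);
  const res = await fetch(url, init);
  if (!res.ok) throw new Error(`token endpoint returned ${res.status}`);
  return res.json();
}

// Decode the JWT payload WITHOUT verifying the signature: for diffing only,
// never as the basis of an authorization decision.
function decodeClaims(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Names of watched claims whose values differ between the old and new token.
function changedClaims(oldJwt, newJwt, watched) {
  const a = decodeClaims(oldJwt), b = decodeClaims(newJwt);
  return watched.filter((k) => JSON.stringify(a[k]) !== JSON.stringify(b[k]));
}

// Constructed sample tokens with a placeholder signature segment.
function makeSampleJwt(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'RS256' })}.${enc(claims)}.sig`;
}
const SAMPLE_OLD = makeSampleJwt({ sub: 'user1', accessType: 'basic', exp: 1700000000 });
const SAMPLE_NEW = makeSampleJwt({ sub: 'user1', accessType: 'admin', exp: 1700003600 });
```

An empty result from `changedClaims` after a refresh means the new token still carries the old claim values; resource servers must still verify the signature before trusting any claim.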