How does okta-react-native store refresh tokens

amartin · June 24, 2020, 8:27pm

I am using the @okta/okta-react-native package. There is a requirement to use refresh tokens for faster login. The @okta/okta-react-native package provides a refreshTokens method that accepts no argument. It simply refreshes the tokens which is great. It seems like when a refresh token is available the @okta/okta-react-native stores it. However there is another requirement that the refreshToken be stored securely in the device’s encrypted keystore (TPM ISO/IEC 11889).

Does the @okta/okta-react-native package in fact store the refresh token on the device?
How and where does @okta/okta-react-native store the refresh token? Is it stored in the device’s encrypted keystore (TPM ISO/IEC 11889)?

phi1ipp · June 25, 2020, 10:56pm

As I can see it’s stored in SharedPreference file, as per the comment

/**
 * A implementation of {@link OktaStorage}.
 * The implementation uses SharedPreferences in private mode to save data.
 * The data will be encrypted by the library before saving.
 */

system · January 24, 2024, 8:11pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Refresh tokens - okta-react-native Questions	3	5409	March 25, 2020
React Native Biometric Okta support Questions	3	3576	February 13, 2024
Do I need to manually refresh tokens in my SPA? Questions	8	11255	January 24, 2024
When silently renewing token using @okta/okta-react 3.0.10 it refreshes the whole page Questions	1	3408	February 8, 2024
Refresh existing token Questions	2	4535	June 1, 2020

How does okta-react-native store refresh tokens

Related topics