By studying this link: Get a refresh token | Okta Developer
I would like to know how to get the value for the parameter “state”. The bottom line is, I have a JWT and I want to get a new one before the old one expires. I have been trying to use this “authorize” endpoint as demonstrated at the link above, but so far I have not had any luck. I always get “Unknown Error”.
The state parameter is unrelated to the method of getting a refresh token.
I assume you are working on a SPA? We recently rolled out an EA feature that will allow you to enable refresh tokens for SPAs called “Refresh token rotation,” which you should be able to find/enable in the Okta Admin Console under Settings → Features.
With that enabled, you can then also enable the “Refresh token” grant type for the SPA you are working on and start using the offline_access scope to request refresh tokens on the front end. More details about refresh token rotation here.
You must use authorization code flow (with PKCE for SPA, with a Client Secret for Web apps with backends handling routes/authorization) in order to get refresh tokens, so you will first need to make a request to the authorize endpoint (you cannot make an AJAX request to this endpoint, you must do a browser redirect) and then take the authorization code returned to the provided redirect_uri in a request to the /token endpoint to get your tokens. With the above steps followed and offline_access scope added as a requested scope in your authorize request, you will receive an ID, Access, AND Refresh token in the response from this endpoint if your request is successful.
Hi Andrea,
Thanks for getting back so quickly.
In regards to, “We recently rolled out an EA feature that will allow you to enable refresh tokens for SPAs called ‘Refresh token rotation,’ which you should be able to find/enable in the Okta Admin Console under Settings → Features.”
When I go to Okta I do not see “Features” under “Settings”. Below I have expanded “Settings”.
You may not have adequate admin permissions to enable features.
Are you a Super Admin for your Okta tenant? Are you doing this in a Production, Preview, Developer, or Free trial org?