OKTA JWT Token is not automatically refreshed

Am using OpenID with OAuth 2.0 with Angular as front end and .Net Core API as backend API.
When am leaving my application idle for few hours and when am using my application again then my api calls are failing with unauthorized error. when I refresh the page everything works again. why is okta not refreshing the JWT token or at least automatically reload the page if the access token is expired? Please help me resolve this issue.

It depends on your implementation actually. Okta refreshes access token if properly configured.

Thanks for your response Philipp, below is how I implemented, please let me know what am missing. Okta is not refreshing token.

oktaConfig: {
issuer: ‘’,
clientId: ‘’,
redirectUri: ‘http://localhost:4200/login/callback’,
postLogoutRedirectUri: ‘http://localhost:4200’,
scopes: [‘openid’, ‘profile’, ‘email’],
pkce: true,
tokenManager: { storage: ‘sessionStorage’}


providers: [
{ provide: OKTA_CONFIG, useValue: environment.oktaConfig }


constructor(private oktaAuth: OktaAuthService) { }

const accessToken = this.oktaAuth.getAccessToken();

What page of your application are you on when the session expires? If you try to access a protected route or use a token in anyway, does the refresh occur then?

Also, I recommend enabling refresh tokens in your app (under Grant Types) and adding the offline_access scope to your config. This way you’re not dependent on the Okta session lifetime to refresh tokens for the user (which is also a potential complication).

Thanks for your reply Andrea.
after 1 hour whenever my application makes api call then i will receive unauthorized error due to token expiry.
I have added the scope offline_access to the list scopes but still the session expires.
scopes: [‘openid’, ‘profile’, ‘email’, ‘offline_access’].
Refresh token is enabled in app integration but implicit is not enabled, does this cause issue? please help me figure out what am missing.

am using angular at my SPA.

My protected Routes work fine after 1 hour but the JW token which am passing to my api calls is getting unauthorized. am using .net core api at my back end, below is how i implemented at backend
using Okta.AspNetCore;

services.AddAuthentication(options =>
options.DefaultAuthenticateScheme = OktaDefaults.ApiAuthenticationScheme;
options.DefaultChallengeScheme = OktaDefaults.ApiAuthenticationScheme;
options.DefaultSignInScheme = OktaDefaults.ApiAuthenticationScheme;

        .AddOktaWebApi(new OktaWebApiOptions()
            OktaDomain = Configuration["Okta:OktaDomain"],
            AuthorizationServerId = Configuration["Okta:AuthorizationServerId"],
            Audience = Configuration["Okta:Audience"]