Silent refresh in implicit flow (okta-signin-widget)

I am trying to understand how okta-signin-widget refreshes token.
I see after one hour (default expiration time) if I make request to protected page, I get updated token in storage.

I want to update token before one hour expiration (forcing).
How do I do that?

Please help me understand.

You can send another request to /authorize and you’ll get an updated token back as long as the Okta’s session is active

An AJAX call to /authorize would fail isn’t it? Can you please elaborate on this one?

Yes, according to the documentation it fails, but they use tricky things :). It’s all defined by the flow used by your application. You can have a look at this piece of the documentation -

You can call renew to get the new token. And you can deep dive into the implementation of it, if you are interested about the actual calls made.

autoRenew property of tokenManager in AuthJS can be set to true for automatic renewal of tokens. By default, the library will attempt to renew tokens before they expire.

I hope this helps.