Hi @reemasaluja,
Have you tried refreshing the access token using postman collections?
I believe the documentation in this link is quite straightforward - https://developer.okta.com/authentication-guide/tokens/refreshing-tokens
I understand that using interceptors in postman can be hard, so you can try the following -
- Go to https://oidcdebugger.com/ (This is a tool written by @nate.barbettini to test OIDC endpoints)
- Enter the details according to your org. (You can set the state to any value)
- Make sure that you have added the redirect uri https://oidcdebugger.com/debug into your okta web application
- An authorization code will be returned to you in the next page, which can be used to get tokens using postman
- You can now use this refresh token to get a new access token
Try the above steps and see if it works for you.
If it works in postman, I don’t see a reason for it not working in your code.
BTW, in the code you posted I see you’re using config.auth.id in Authorization header. Can you check if it’s defined or if you should be using config.auth.clientId?