I am using identityserver4 code flow for my angular application. I am using angular-oauth2-oidc library.
My configuration is like this:
OauthConfig: AuthConfig = {
issuer: 'http://mydomain.identityserver4',
requireHttps: false,
responseType: "code",
redirectUri: window.location.origin + '/index.html',
clientId: 'dev.code.flow',
scope: 'openid profile offline_access my.api',
logoutUrl: window.location.origin + '/index.html',
postLogoutRedirectUri: window.location.origin + '/index.html'
}
private configureOauth(){
this.oauthService.configure(OauthConfig);
this.oauthService.tokenValidationHandler = new JwksValidationHandler();
this.oauthService.loadDiscoveryDocumentAndLogin();
this.oauthService.setupAutomaticSilentRefresh();
}
After I login the application, the library sends refresh token request every 5 minutes. I can see this in chrome developer tools.
But several hours later, the token refresh request gets a 400 (Bad request) error. Error message is error: "invalid_grant"
What could be the reason for this?