OIDC Silent Authentication
Fleeting- External reference: https://auth0.com/docs/authenticate/login/configure-silent-authentication
The OpenID Connect protocol supports a prompt=none parameter on the authentication request that allows applications to indicate that the authorization server must not display any user interaction (such as authentication, consent, or MFA).
— https://auth0.com/docs/authenticate/login/configure-silent-authentication
Use of the Implicit Flow in SPAs presents security challenges requiring explicit mitigation strategies. You can use the Authorization Code Flow with PKCE in conjunction with Silent Authentication to renew sessions in SPAs.
— https://auth0.com/docs/authenticate/login/configure-silent-authentication
initiate a silent authentication request, add the prompt=none parameter when you redirect a user to the /authorize endpoint of Auth0’s authentication API
— https://auth0.com/docs/authenticate/login/configure-silent-authentication