I'm using Auth0 passwordless authentication for my application which works great. I get a JWT for authentication and pass that in my authorisation header for requests to my API and it works great, however once a token expires I get 401s from my API as expected.
I'd like to be able to pre-empt this in the front end and either make my front-end aware of an expired JWT, or refresh my token without the user having to log in again.
Documentation for Auth0 lock-passwordless hasn't turned up anything
your JWT will probably contain the information in the field exp (expiration time), eg.
"exp": 1490268359,
You can decode the token on client side, it's base64 encoded JSON. Check it on https://jwt.io/ . The exp field is a unix timestamp in seconds after 1970-01-01 00:00:00 UTC
check also here: https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4 about exp and other claims in a JWT