This change addresses auth0/react-native-auth0#1374 by improving the reliability of credential retrieval in unstable network conditions.

While this update was initially driven by a request from a React Native SDK consumer, reliable credential retrieval is a critical requirement for mobile scenarios in general. As such, this capability is also applicable to Android SDK consumers and can be leveraged to improve the robustness of credential management.

We should recommend this approach to Android SDK developers who encounter similar issues.

Background / Problem

A scenario highlighted by the community:

1. Request A calls getCredentials() and initiates a token refresh.
2. The request successfully reaches Auth0 and a new access token is issued.
3. The response fails to reach the client due to a transient network issue.
4. Later, when the user tries again, the refresh attempt may fail because the refresh token could already be expired by that time.

On mobile networks, which are often unreliable, this scenario is realistic. In such cases, even if the user retries later on a stable network, the refresh attempt may fail because the refresh token could already be expired.

Proposed Solution

This PR introduces retry support for transient failures to better leverage Auth0's refresh token rotation overlap period, allowing safe retries when the server-side renewal succeeds but the response never reaches the client.

Outcome

The retry mechanism improves resilience in real-world mobile conditions by safely retrying credential retrieval requests within the refresh token overlap window, reducing unnecessary authentication failures without changing default behavior.

📎 References

• Related iOS PR: Auth0.swift#1063
• Issue: react-native-auth0#1374