All Colizeum user tokens are available in the Colizeum.Token class. This class is responsible for storing, destroying and refreshing user's access token which is then, used in API calls to authenticate the user.
After a successful login flow, Colizeum SDK will automatically store the values but in some cases it can be beneficial to do it manually, for example when receiving the access tokens from your own back-end service (which is important for WebGL builds)

Assigning tokens

public void OnReceiveTokens(TokenResponse response)
// When your back-end service respond with the Colizeum user tokens, you must
// manually assign them to the SDK
Colizeum.Token.Create(response.access_token, response.refresh_token, response.id_token);

Destroying tokens

In general, there's no real need to manually destroy them trough the Colizeum.Token class, but it can be done using Colizeum.Token.Destroy()

Refreshing the Access Token

If you're using the API methods provided by the SDK, then you don't have to worry about this, as SDK will try to automatically refresh the access token when it's needed, but you can still do it manually using the Colizeum.Token.Refresh() method
private void RefreshColizeumToken()
Colizeum.Token.Refresh(() => {
Debug.Log("Access token refreshed")

Invalid Refresh Token

As every token provided by the Colizeum Identity service has finite life-span, there can be cases where you won't be able to call the API on behalf of the user because the refresh token has expired and access token cannot be refresh.
In these situations, you need to listen to the Colizeum.Token.OnInvalid event and ask the user to login again
private void Awake()
Colizeum.Token.OnInvalid += OnInvalidColizeumToken;
private void OnInvalidColizeumToken()
// When the refresh token is invalid, ask the user to login again