My app is authenticated using Auth0. The user enters their username + password and Auth0 gives back a token which my app uses to call my backend.
My app also uses 3rd party applications behind the scenes, and those 3rd party applications all have their own authentication. When a user logs in to my application, it needs to go out and get authentication tokens for all these 3rd party apps as well.
For example, my app needs to use an API on Watson which is authenticated using a different username + password. The user can’t know what that username + password are. Instead, they are ‘known’ by my app, which uses them to login to Watson and get an auth token to make the API calls.
That Watson API isn’t the only 3rd party API my app needs to use. The 3rd party APIs all have their own authentication schemes. Some use a username + password, others use an App ID and Secret, etc. But in all of these cases, the authentication credentials are owned and managed by my application - not by the user of my application.
So the question is, how can I use Auth0 to automatically go out and get all these 3rd party authentication tokens when the user logs in to my app?