Can we use the access token to make API call to the Microsoft outlook endpoint ? Or it is used for api that is created in auth0?
Hello! If I’m understanding you correctly, you’re looking to access your users’ Microsoft data via a Microsoft API – is that correct?
If so, take a look at the Microsoft option in social connections. You’ll need to set that up and select the permissions that you want. I haven’t personally used the Microsoft IdP option, but I have used Google as an IdP.
In the case of Google, the access_token you receive from auth0 is not the token you use to access IdP APIs. When a user logs in via Google, their access (and refresh token, if you opt to include one) will be stored in the user’s identities. We use the Auth0 User Management API on our backend to then access user identities and parse to find access/refresh tokens. These are the tokens used to access Google APIs.
Some reading that might be helpful:
Hope that helps. If you would like any clarification or further assistance, please feel free to get in touch.
Ok, Thanks for the information. So is there any package I can use for Auth0 User Management API on backend side? I am kind of new user to auth0 so do not have much knowledge.
No problem! Happy to help. So far as I remember, you don’t need any specific libraries and/or packages to make calls to the Auth0 User Management API. Reading through the machine-to-machine tutorial I linked should be helpful in getting started. The process we used for getting our IdP access tokens was:
- POST to oauth/token Auth0 endpoint to get Auth0 User Management API access_token.
- GET to Auth0 API endpoint of choice (e.g., api/v2/users), passing the access_token from step 1 in Authorization header as a bearer token.
- Parse the returned content (specifically, the identities array) to get IdP token.
- Use IdP access token to access social provider API (e.g., Google, Microsoft, etc.).
Thanks for your quick response. I got that part. I got access token but when I use that token to make request to IDP , I get response like sign into account. I am using postman to make api call. Any help with this?
Ah, I see. Unfortunately, I’m not experienced with using Postman for testing these APIs. From what you’re saying though, that would be the expected behavior – your users should be prompted to log in to their social IdPs.
If I remember right, Auth0 does have some docs on using Postman to test out their various APIs. If you haven’t already, maybe head over to auth0.com and run some searches there?