Auth0 not storing Azure AD refresh token with OpenId Connect

mk123 · March 27, 2023, 5:57am

When we use a Social connection and offline_access scope for Azure AD, then Auth0 stores the Azure AD refresh_token and access_token in identities object in user.

But we when use OpenID Connect enterprise connection and offline_access scope for the same Azure AD application, then Auth0 doesn’t store the Azure AD refresh_token and access_token in identities object in user.

Is this expected behavior? Is there no way to get Azure AD refresh_token and access_token when using OpenID Connect?

matt.g · March 29, 2023, 9:03pm

Hi @mk123,

Welcome back to the Auth0 Community!

Unfortunately Enterprise OpenID connections don’t currently support IDP access_tokens or refresh_tokens, however I confirmed that this is on the product roadmap and could be released as early as April 2023.

I hope this helps!

Thank you,
Matt

Topic		Replies	Views
No 3rd party refresh_token available with AzureAd connection Get Help connections , oidc-enterprise-connection	3	90	July 14, 2025
No refresh token is available on Microsoft AzureAD Get Help auth0 , api	5	8749	April 24, 2020
Refresh Token for Microsoft Azure AD IdP Enterprise connection Get Help connections , oidc-enterprise-connection	0	1160	February 23, 2023
Cannot get refresh_token with Okta Workforce Enterprise Connection Get Help connections , oidc-enterprise-connection	0	1164	April 28, 2023
Logout from enterprise connection will logout from the auth0 account Get Help logout , azure-ad	2	2475	March 9, 2022

Auth0 not storing Azure AD refresh token with OpenId Connect

Related topics