Can we get the IDP refresh_token without forcing consent prompt?

tom18 · March 17, 2022, 9:28pm

A separate, but very much related issue:

Can we get the IDP refresh_token without forcing users to go to the consent popup every time they log in?

If the consent screen doesn’t appear, and a user don’t click “Allow”, we don’t get a new refresh_token from the IDP (in our case - google-oauth2)

The refresh_token from the IDP is different from the auth0 refresh_token, and the token that we need to pass to the Google Drive API is the refresh_token from Google Auth itself.

It seems like there’s only one way to get refresh_token from Google, and that’s from the consent popup, after a user clicks “Allow”

dan.woda · March 22, 2022, 6:05pm

Hi @tom18,

I moved this question to a new topic and I’ll be taking a look at it shortly. Thanks!

dan.woda · March 23, 2022, 7:36pm

Hi @tom18,

I don’t think your users should be required to give consent every time a new refresh token is issued. Is this related to the other topic you are working on? Are you getting the google refresh tokens from the Auth0 management API?