Can we get the IDP refresh_token without forcing consent prompt?

tom18 · March 17, 2022, 9:28pm

A separate, but very much related issue:

Can we get the IDP refresh_token without forcing users to go to the consent popup every time they log in?

If the consent screen doesn’t appear, and a user don’t click “Allow”, we don’t get a new refresh_token from the IDP (in our case - google-oauth2)

The refresh_token from the IDP is different from the auth0 refresh_token, and the token that we need to pass to the Google Drive API is the refresh_token from Google Auth itself.

It seems like there’s only one way to get refresh_token from Google, and that’s from the consent popup, after a user clicks “Allow”

dan.woda · March 22, 2022, 6:05pm

Hi @tom18,

I moved this question to a new topic and I’ll be taking a look at it shortly. Thanks!

dan.woda · March 23, 2022, 7:36pm

Hi @tom18,

I don’t think your users should be required to give consent every time a new refresh token is issued. Is this related to the other topic you are working on? Are you getting the google refresh tokens from the Auth0 management API?

Topic		Replies	Views
Use Google refresh_token to obtain new Google access_token Help access_token , google , refresh_token , idp	2	5203	September 5, 2019
Google refresh token not persisted Help refresh-token , google	3	3124	March 25, 2022
IDP refresh token Help refresh-tokens , access-token , refresh_token , idp , box	2	4705	March 2, 2018
What do I do with google idp refresh token? Help api , google , refresh-tokens , idp	3	2925	December 23, 2020
How to force `prompt: "consent"` only to the google authentication? Help	4	6487	September 26, 2020

Can we get the IDP refresh_token without forcing consent prompt?

Related Topics