Can't get GitHub refresh_token via omniauth-auth0 in user.identities

Hello

I’m using rails omniauth-auth0 gem to authenticate my users against GitHub.
According to https://auth0.com/docs/tokens/idp , if I set the scope “offline_acccess” I should be able to get a user GitHub refresh_token with the /api/v2/users/:id endpoint under the user.identities list, but I only see an access_token.

This is my config/initializers/auth0.rb:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider(
      :auth0,
      Rails.application.secrets.auth0_client_id,
      Rails.application.secrets.auth0_client_secret,
      Rails.application.secrets.auth0_domain,
      callback_path: '/auth/auth0/callback',
      authorize_params: {
          scope: 'openid email profile offline_access'
      }
  )
end

This similar issue was resolved here

Also, my GitHub app has the User-to-server token expiration beta feature “Opted In”:

Is it possible to obtain a GitHub IDP refresh_token with Auth0?

Per the page you linked (https://auth0.com/docs/tokens/identity-provider-access-tokens#renew-third-party-tokens) refresh tokens will only be stored for certain connection types and the built-in GitHub connection is not one of them so if you’re using the built-in connection for GitHub I’m afraid this is not supported.

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.