Discord/Auth0 SPA login without always having to Authorize

I’ve been using the Discord integration here: https://marketplace.auth0.com/integrations/discord-social-connection

It’s working pretty well, but the problem I’m having is that every time a user logs in, they have to Authorize the Discord application. We have a requirement from our product team that means the user should only have to click this once on their first login, but then they shouldn’t have to do the same again if they logout and log in again. I’ve read that implicit grant flow is a way to persist the user’s session using a token that essentially means they won’t have to click that Authorize button every time.

After reading the docs, I noticed that changing the response_type to token in the Discord authorization link should mean that we have access to this token, I tried changing that, but there are a couple of issues:

  • The updated link in the discord config seems to be ignored, it’s just using response_type=code
  • Even if it were to be token, I’m not sure that’d work since it seems like there are some additional steps that might need to be taken to manage that token from JS.

I’m using @auth0/auth0-react to integrate into my React App, and there doesn’t seem to be any way to hook into that to handle this kind of response anyway.

This has me wondering, am I barking up the wrong tree? Is there some way to configure this to essentially remember the user has already authorized the app? Is this an Auth0 problem or a Discord problem, or is it just a me problem?