Google App/Gsuite Enterprise Connection refresh token


I’m having an SPA with auth0.js library
I have an G SUITE account i tried logging in with Google social connection and I’m getting the refresh token and access token in the identities array of user in the rule but when i create an enterprise G suite account i only get the access token not the refresh token.

Please let me know how to get the refresh token for google-apps (G suite enterprise connection)

1 Like

Hi @noyo1000gt, welcome!

I’m afraid the Google G Suite connection does not store a refresh token when doing the authorization.
If you feel that this would be a good addition to the product, please leave a note at Auth0: Secure access for everyone. But not just anyone., explaining the use case.

1 Like

Hi @nicolas_sabena,

Thanks for the fast reply,

I’m quite surprised by this finding as I’m also using Azure AD Enterprise connection in Auth0 and Auth0 gives the refresh_token of Azure AD on authorization (login),

As per my current understanding the refresh token’s is only retrieved while authorization If i am wrong please let me know is there any possibility of getting the refresh token using the Enterprise G Suite connection through Auth0 other than Authorization.

The refresh token coming from the external identity provider (like Azure AD) is obtained when Auth0 asks the IdP for an authorization (i.e. when Auth0 needs to authenticate the user). At that time, it is stored as part of the identities array. This logic is there for some connection types but not for all of them. Google G Suite, unfortunately, does not have it.
As I said before, you can leave a feature request at Auth0: Secure access for everyone. But not just anyone., ideally not only explaining what you need (Auth0 to store the refresh token coming from Google) but also explaining why you need it.
Other options (admittedly less than ideal) are:

  • Request a token directly from Google to your app for the specific Google API scopes you need (including the refresh token)
  • Use Google Social connections
1 Like

Thanks for the two options @nicolas_sabena but i believe if i use the two said options ill loose the Enterprise Connection benefits therefore i have sent a feedback to the Auth0 Team please let me know if Auth0 decides to store the refresh token while Authorization of G Suite Enterprise connection.