for an application where we need to be able to Google Drive api for users I’ve setup a login flow that will request the required scope and set the access type as offline. For interacting with the Google Drive api, a refresh token is required.
The initial call is working as expected. I can then use the Auth0 api to get the full user profile, which will then include the needed access_token and refresh token in the identities property.
So far so good, but when I log out from our application and go through the login procedure, the next time I request the user profile, the refresh token is missing.
As I understood, Google only exchanges the refresh on the first authentication, but it seems odd that this will clear the refresh token from the identies in the user profile.
The only solution I found so far is to include “approval_prompt=force” query parameter. But this results in a redundant constent screen being displayed every time a user logs in.
Is there any other way round this? I would prefer not to store the refresh token on our own server.