I have an SPA application as per Auth0 SPA application definition (using Angular). I am using Auth0 as a client log in mechanism. My application allows for a user to log in with two service providers, IDP(s) or social connections: Facebook or Google
. (Given I have supplied Client Id’s and Secrets for applications under those IDP’s domain . If a user successfully authenticates my application will return an array containing an access code which may be used to make calls to the IDP’s API (Identity Provider Access Tokens).
The successful case: After logging in with Facebook. I can retrieve the access token and make a call to Facebook’s graph API.
The problem: When logging in with Google, I can retrieve an access token. However when I use that access token to make a call to the Youtube Data v3 API, I receive an:
Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
What I’ve tried:
- Auth0SPA’s
getTokenSilently()
- I have no idea of what type this token returns. The documentation is not explicit. - Auth0ManagementAPI’s
GET /user
endpoint - returns an access token which is rejected by Youtube Data API https://auth0.com/docs/api/management/v2?_ga=2.178387047.219514694.1599842538-835787596.1599842538#!/Users/get_users_by_id - I’ve tried creating an enterprise OpenID Connect Connection via the Enterprise connections enabled by Auth0 - no identities array (which contains the access token) is returned.
Questions I want answered
I’ve figured workarounds however they unfortunately impact the user experience. I’d like to know what getTokensSilently returns, a token for what?
What changes must I make so that I can use the access token returned by the IDP (under the identities array) to make calls to the Youtube Data v3 API?