I have an SPA application as per Auth0 SPA application definition (using Angular). I am using Auth0 as a client log in mechanism. My application allows for a user to log in with two service providers, IDP(s) or social connections: Facebook or Google . (Given I have supplied Client Id’s and Secrets for applications under those IDP’s domain . If a user successfully authenticates my application will return an array containing an access code which may be used to make calls to the IDP’s API (https://auth0.com/docs/tokens/identity-provider-access-tokens).
The successful case: After logging in with Facebook. I can retrieve the access token and make a call to Facebook’s graph API.
The problem: When logging in with Google, I can retrieve an access token. However when I use that access token to make a call to the Youtube Data v3 API, I receive an:
Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
What I’ve tried:
- Auth0SPA’s
getTokenSilently()- I have no idea of what type this token returns. The documentation is not explicit. - Auth0ManagementAPI’s
GET /userendpoint - returns an access token which is rejected by Youtube Data API Management API Reference - Auth0 Docs - I’ve tried creating an enterprise OpenID Connect Connection via the Enterprise connections enabled by Auth0 - no identities array (which contains the access token) is returned.
Questions I want answered
I’ve figured workarounds however they unfortunately impact the user experience. I’d like to know what getTokensSilently returns, a token for what?
What changes must I make so that I can use the access token returned by the IDP (under the identities array) to make calls to the Youtube Data v3 API?
