I’m trying to retrieve the refresh token for a given provider via the Auth0 Management API. Our intention is to store this for later use by non-interactive clients of that provider. I’ve identified this is possible with a raw HTTP request in .NET as follows:
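    // Needs: using System; using System.Linq; using System.Net.Http; using Newtonsoft.Json;
    using (var httpClient = new HttpClient())
    {
        // Authenticate the request with the Management API token
        httpClient.DefaultRequestHeaders.Clear();
        httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {managementApiToken}");

        // The user id contains '|', so escape it before placing it in the URL path
        var response = await httpClient.GetStringAsync($"https://{domain}/api/v2/users/{Uri.EscapeDataString(userIdentifier)}");
        var userProfile = JsonConvert.DeserializeObject<Auth0UserProfileResponse>(response);

        // Take the first identity; fall back to app_metadata if it carries no refresh token
        var identity = userProfile.identities.FirstOrDefault();
        var token = identity?.refresh_token ?? userProfile.app_metadata?.refresh_token;
        if (token == null)
        {
            throw new Exception("No refresh token found on user profile");
        }
        return new RefreshToken(token, identity?.provider);
    }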
Given an Auth0 user Identity along the lines of, e.g., google-oauth2|0123456789012347890, we can retrieve the refresh token from Google by inspecting the refresh_token element of the identity object returned from the Get Users by ID API. However, the same is not possible when using the Auth0 .NET Management API client library: the Refresh Token is not exposed as a property on Auth0.ManagementApi.Models.Identity. Is this a deliberate choice? If so, what is the recommended (and supported) way of retrieving a provider’s refresh token for a given user?
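
The lookup described in the post, as an added example that is not part of the original post and is not Auth0's code: it selects the identity named by the `provider|id` user id rather than the first array entry, and reports only whether a refresh token is present. It uses System.Text.Json instead of the post's Json.NET; `FindRefreshToken`, `Text` and the sample JSON (including its field order and values) are constructed for illustration.

```csharp
using System;
using System.Text.Json;

public static class IdpRefreshTokenExample
{
    // Constructed sample of a Get Users by ID response body; every value is fake.
    private const string SampleJson = @"{
      ""user_id"": ""google-oauth2|0123456789012347890"",
      ""identities"": [
        { ""provider"": ""github"", ""user_id"": ""4242"", ""connection"": ""github"" },
        { ""provider"": ""google-oauth2"", ""user_id"": ""0123456789012347890"",
          ""connection"": ""google-oauth2"", ""refresh_token"": ""constructed-refresh-token"" }
      ]
    }";

    // Returns the refresh token of the identity named by "provider|id", or null if it has none.
    public static string? FindRefreshToken(string json, string auth0UserId)
    {
        int sep = auth0UserId.IndexOf('|');
        if (sep <= 0 || sep == auth0UserId.Length - 1)
            throw new ArgumentException("Expected 'provider|id'", nameof(auth0UserId));
        string provider = auth0UserId.Substring(0, sep);
        string providerUserId = auth0UserId.Substring(sep + 1);
        using JsonDocument doc = JsonDocument.Parse(json);
        if (!doc.RootElement.TryGetProperty("identities", out JsonElement identities)
            || identities.ValueKind != JsonValueKind.Array)
            return null;
        foreach (JsonElement identity in identities.EnumerateArray())
        {
            if (Text(identity, "provider") == provider && Text(identity, "user_id") == providerUserId)
                return Text(identity, "refresh_token");
        }
        return null;
    }

    // Reads a property as text; tolerates a numeric user_id (assumption) and JSON null.
    private static string? Text(JsonElement obj, string name)
    {
        if (!obj.TryGetProperty(name, out JsonElement value) || value.ValueKind == JsonValueKind.Null) return null;
        return value.ValueKind == JsonValueKind.String ? value.GetString() : value.GetRawText();
    }

    public static void Main()
    {
        string? token = FindRefreshToken(SampleJson, "google-oauth2|0123456789012347890");
        // Report presence only: a refresh token is a long-lived credential and should not be logged.
        Console.WriteLine(token != null ? "refresh token present" : "no refresh token on this identity");
    }
}
```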