There was a question raised last year:
But unfortunately it was closed without solution.
I’m seeing the exact same issue.
OIDC Conformant Enabled for application. openid and offline_access in the scope, I can get the refresh token in first authentication, but when I issue request to refresh the token, the response has access_token but no id_token
Please let me know if there is a fix or how may I further debug? For some reason I don’t want to add audience=xxx in my request.
Hi, we are a popular opensource container registry looking to support auth0 in our user management workflows. As @reasonerjt mentioned, we are looking for some guidance on how to correctly retrieve the id_token on refreshes. The workarounds offered in ticket @reasonerjt linked and another ticket embedded within didn’t really yield anything useful.
This is kind of a showstopper for integrating with auth0 for OIDC flows since all of the other identity managers support a model of using id_token so we’d really prefer a single set of logic for sso authentication. If there is a workaround or if it’s being tracked for development, please let us know. Thanks a lot!