No Refresh Token Returned for Android Application

Overview

When using the Auth0 Android SDK, no refresh token is available within the credentials manager. This article explains a potential cause.

Applies To

  • Auth0 Android SDK

Cause

This can be caused by incorrect scopes or the targeted API not having offline access enabled.

Solution

Check that the API being used as the audience for authorize requests has “Allow Offline access” enabled under Access Settings.

  • Within the Android application, specify the scope “offline_access” in authentication requests, please see examples below on how to modify the scopes in use:
WebAuthProvider.login(account)
    .withScope("openid profile email offline_access")
    .start(this, callback)

Related References

Further reading on getting refresh tokens: