Hi, as I see auth0 doesn’t support on-behalf-of flow. Could you recommend an alternative? I want to avoid a “handmade” solution for this case.
Thanks in advance.
If you are looking for an alternative to the “on-behalf-of” flow with Auth0, you can consider using a solution like AWS Cognito or Azure Active Directory (AD) as your OIDC provider. Both AWS Cognito and Azure AD support the “on-behalf-of” flow, which allows you to obtain access tokens on behalf of a user.
AWS Cognito supports the “on-behalf-of” flow through its OAuth 2.0 support. You can configure your application to use AWS Cognito as the identity provider and utilize the “on-behalf-of” flow to obtain access tokens for a user.
Azure AD, on the other hand, provides robust support for the “on-behalf-of” flow through its OAuth 2.0 capabilities. You can configure your application to use Azure AD as the identity provider and leverage the “on-behalf-of” flow to obtain access tokens on behalf of a user.
Both AWS Cognito and Azure AD offer comprehensive documentation and SDKs that can guide you through the setup and implementation of the “on-behalf-of” flow.
There is no direct way to do OBO flows. But using Custom Token Exchange in Early Access, which you can use to swap one token for another—effectively enabling OBO‑style scenarios
Ignore the original answer. Apologies for any confusion