Passwordless Login Refresh Token

Hey All,

I’ve been trying to implement the Passwordless Authentication flow, but have found that I only receive an access_token, and not a refresh_token.

I’ve looked at a few posts recommended in these posts:

But I am wondering if it’s possible to use your own UI (Auth0-js) and retrieve refresh_tokens with the magic-link passwordless flow?

Also, from those posts and linked articles, I could not find any specifics about what needs to be implemented to get a refresh_token.

In my particular use-case, I am looking to get the refresh_token in the hash string of the redirect_uri, same way we get the access_token currently

Thanks in advance!

1 Like

Have you found a solution yet? I try to get the “refresh_token” using WebAuth.passwordlessLogin with offline_access scope. However, all I get is an empty “refreshToken”


Similar questions over here. I’m working on an Electron.js desktop app and I’d like to receive a refresh_token for offline use. I’m calling the start endpoint like so:

	"client_id": "<client_id>",
	"connection": "email",
	"email": "<user-email>,
	"authParams": { 
    "scope": "offline_access", 
    "grant_type": "refresh_token"

I correctly receive the email and clicking on the link results in the following: <url>#access_token=<access-token>&scope=offline_access&expires_in=7200&token_type=Bearer. I never see the refresh-token despite the grant_type/offline scope passed correctly.