Refresh Token for Hooks?

seth2 · November 18, 2020, 2:41pm

Hello,

I’m currently utilizing Auth0 formy FE SPA/ BE .NET Core API application.

I have an Auth Pipeline hook that creates a user in my BE database when a new user is created from the Auth0 signup. In order to create that user in my BE, a token is needed to access the create user endpoint. Currently the hook that I’ve got uses a token that expires every few days, and I’ve read the max is 30 days, but what I would like is a token that never expires, re: something like a Refresh Token.

Is it possible to use a Refresh Token from an Auth0 Pipeline hook? Is that best practice and what would that wiring even look like? Or is there another way to get a token with a longer expiration? Even 6mos to a year would be great.

Any feedback would be appreciated.

Thank you!

dan.woda · November 18, 2020, 10:32pm

Hi @seth2,

Welcome to the Community!

You can use a client credentials grant in your machine to machine application (the hook). This is very similar to a refresh token, as the client credentials do not expire and can be used to request a new token.

seth2 · November 19, 2020, 6:57am

Thanks so much for your response, Dan! I will check out this article and see how best to get it working with my API. If I have any more questions I’ll come back and bug you

dan.woda · November 19, 2020, 4:23pm

Perfect! Let me know if you run into anything.

system · December 4, 2020, 4:23pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.