Refresh Token for Hooks?

Hello,

I’m currently utilizing Auth0 formy FE SPA/ BE .NET Core API application.

I have an Auth Pipeline hook that creates a user in my BE database when a new user is created from the Auth0 signup. In order to create that user in my BE, a token is needed to access the create user endpoint. Currently the hook that I’ve got uses a token that expires every few days, and I’ve read the max is 30 days, but what I would like is a token that never expires, re: something like a Refresh Token.

Is it possible to use a Refresh Token from an Auth0 Pipeline hook? Is that best practice and what would that wiring even look like? Or is there another way to get a token with a longer expiration? Even 6mos to a year would be great.

Any feedback would be appreciated.

Thank you!

Hi @seth2,

Welcome to the Community!

You can use a client credentials grant in your machine to machine application (the hook). This is very similar to a refresh token, as the client credentials do not expire and can be used to request a new token.

Thanks so much for your response, Dan! I will check out this article and see how best to get it working with my API. If I have any more questions I’ll come back and bug you :smile:

1 Like

Perfect! Let me know if you run into anything. :sunglasses: