Refresh Tokens: Seem to renew access to Auth0 API's but not Idp API's?

Your documentation says you can use refresh tokens with LinkedIn - https://auth0.com/docs/connections/social/linkedin - “Optional: Get a Refresh Token from LinkedIn to refresh your Access Token once it expires. To ensure your application is secure, pay close attention to the restrictions on using Refresh Tokens.”

I’ve found that the refresh tokens administered from the /oauth/token endpoint when used with the grant_type=refresh_token returns a new access token that can only be used to access endpoints like the Auth0 Authentication API’s /userinfo endpoint, NOT LinkedIn.

This leads me to my final question - Will the LinkedIn access tokens found in the response from the Get Users by ID endpoint expire? How often will they change? The idea was to refresh these tokens as they expire after a certain period of time. I don’t understand how using refresh tokens to get new Auth0 Authentication access tokens is in anyway related to my LinkedIn IDP access token??

Hi @jackb,

It looks like linkedin access tokens are valid for 60 days by default.

I am not sure specifically about linkedin, but it is possible that auth0 stores a refresh token. If so it would be available by following this doc.

Hope this helps!

Thanks,
Dan

That does help quite a lot. Thank you! @dan.woda

I have not seen a refresh token in the identities array for LinkedIn though…
even though that doc states that refresh tokens are supported by:

  • BitBucket
  • Google OAuth 2.0 (you need to pass the parameter access_type=offline when calling the Auth0 /authorize endpoint)
  • Any other OAuth 2.0 IdP
  • SharePoint
  • Azure AD

It says “Any other 0Auth 2.0 IdP”
LinkedIn is a 0Auth 2.0 IdP.

Could you ask around and see if you can confirm if anyone knows for sure if LinkedIn refresh tokens are possible with the Auth0 platform?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.