Unable to obtain refresh token from social login with native API

I am unable to obtain refresh token after logging in via social connections, even if offline_access scope is included. The refresh_token grant type is enabled in application settings. I am having this issue with both the Android SDK and the iOS SDK.

A snippet of the code I am using to trigger social login:

WebAuthProvider.login(account)
            .withScope("openid profile email offline_access")
            .withConnection("google-oauth2")
            .withAudience("myaudience")
            .start(context, callback)

Any help is much appreciated!

Hi @kenneth,

Welcome to the Community!

Have you enabled refresh tokens (offline access) in your API settings?

Hello Dan, the only API i have is the management API which I cannot change. I don’t need to call any API actually, I just need the access token and refresh token for authentication purpose.

Thanks for the added info. It may be because you are sending an audience param with your request. You can omit that param if you aren’t requesting an access token for an API.

I tried doing that and it still wouldn’t return a refresh token (and an id token for that matter), it seems like it’s doing an implicit flow because when i tried to exclude implicit_flow from the list of grant types i get an error page indicating that implicit_flow isn’t enabled, even though afaik both native SDKs use PKCE flow. i know that using implicit grant i will not receive a refresh token, but i can’t figure out a way to use PKCE instead of implicit grant.

Any help from anyone? I still cannot figure out what the issue is.

It’s finally working on Android for some reason, but it’s still not working on iOS.

It shouldn’t be using the implicit flow.

Can you post a code snippet of your Auth0 iOS implementation?

Actually, after some more tweaking, I managed to get it working:

Auth0
      .webAuth()
      .scope("openid email profile offline_access")
      .connection("google-oauth2")
      .start()

It is probably because of the audience parameter that i originally put in. Thank you dan!

1 Like

Great news! Thanks for posting an update. Let us know if you run into anything else.

1 Like