Auth0 Home Blog Docs

Using auth0 to get token to then use for API requests to 3rd parties?



I can’t quiet wrap my head around how to do auth0 for the following workflow. Perhaps it is simple and I’m over thinking it:

What we need to do is leverage auth0 to let a user login to a social site (like facebook) and then use the resulting token to make API requests to the social site’s API itself. In other words, I don’t want to simply authenticate with facebook, but I want to make use of the resulting token to call facebook APIs. The client will be a webpage, so we aren’t going to be taking these tokens and using them for nefarious purposes. So ideally this would be the flow:

  1. User logs into our app (using auth0) using a non-facebook login.
  2. The user then clicks some link and via auth0 authorizes access to facebook using oauth0.
  3. Once #2 happens, then client can then use the resulting token to make API calls to facebook’s API. So the token would need to be a facebook token, not an auth0 token (I think)

Any ideas how I would go about doing this with auth0? Any help would be greatly appreciated!

P.S. The social site in question is not actually facebook; it is an enterprise app that would not be interesting to most users. But the concept for what I need is the same.