There is no standard way to renew identity provider access tokens through Auth0. The mechanism for renewing identity provider access tokens varies for each provider. In the case of Azure AD, you can request a refresh token to renew the access token once it expires. The Auth0 dashboard does not allow you to include the refresh token scope when authenticating with Azure AD. However, you can set the scope manually via the Management API and request the additional scope.
Obtain Azure AD access token and refresh token when using Auth0 as service provider and Azure AD as an Identity Provider
Auth0 documentation:
Identity Provider Access token:
https://auth0.com/docs/tokens/identity-provider-access-tokens
Pass params to IDP:
https://auth0.com/docs/connections/pass-parameters-to-idps
Related Community Post:
https://community.auth0.com/t/access-microsoft-graph-resources-with-an-auth0-login/34719/2
Example curl command: copy the options object from the first API call and include upstream_params.
Once the user finishes authenticating with Azure AD, the user should have an access_token and a refresh_token in the identities object.
To obtain the Azure AD access token and refresh token, call the /api/v2/users/{id} endpoint, which returns the identities object.
Then you can use the Azure AD access token to call the Graph API.
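The steps above, sketched offline as an added example (not code from the original gist): building the connection PATCH body with upstream_params, then picking the Azure AD tokens out of a /api/v2/users/{id} response. The connection name, option values, tokens and the scope string `openid profile offline_access` are constructed assumptions, not values from the page.

```python
import copy

def build_connection_patch(current_options, idp_scope):
    """Body for PATCH /api/v2/connections/{id}. The existing options are copied
    and sent back in full, because a PATCH replaces the whole options object."""
    options = copy.deepcopy(current_options)
    options.setdefault("upstream_params", {})["scope"] = {"value": idp_scope}
    return {"options": options}

def extract_idp_tokens(user, connection):
    """Return the IdP tokens for `connection` from a GET /api/v2/users/{id} body."""
    for identity in user.get("identities", []):
        if identity.get("connection") != connection:
            continue
        if not identity.get("access_token"):
            raise LookupError("identity returned without an access_token")
        # refresh_token stays None when the IdP did not issue one (scope missing).
        return {"access_token": identity["access_token"],
                "refresh_token": identity.get("refresh_token")}
    raise LookupError(f"no identity for connection {connection!r}")

def graph_headers(tokens):
    """Authorization header for a Graph API call made with the IdP access token."""
    return {"Authorization": f"Bearer {tokens['access_token']}"}

# Constructed sample data: placeholders, not real tenant values or tokens.
SAMPLE_OPTIONS = {"tenant_domain": "example.onmicrosoft.com",
                  "client_id": "CLIENT_ID_PLACEHOLDER"}
SAMPLE_USER = {
    "user_id": "waad|constructed-user-id",
    "identities": [
        {"provider": "auth0", "connection": "Username-Password-Authentication",
         "user_id": "constructed-db-id", "isSocial": False},
        {"provider": "waad", "connection": "azure-ad-conn",
         "user_id": "constructed-user-id", "isSocial": False,
         "access_token": "CONSTRUCTED_ACCESS_TOKEN",
         "refresh_token": "CONSTRUCTED_REFRESH_TOKEN"},
    ],
}

if __name__ == "__main__":
    print(build_connection_patch(SAMPLE_OPTIONS, "openid profile offline_access"))
    tokens = extract_idp_tokens(SAMPLE_USER, "azure-ad-conn")
    print(sorted(tokens), graph_headers(tokens)["Authorization"][:7])
```
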