This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Store both access_token and id_token, not mutually exclusive #1291
Comments
|
I'm with you here on this one. It's been a problem for the past year for me. |
|
I am facing a similar problem. I would like to use the ID token for Hasura authorization. Also, the authentication process requires access to the Auth0 API, which requires an access token. https://auth0.com/docs/security/tokens If multiple responseTypes are set in I can get ID token by specifying only I want a mechanism that can obtain both an access token for login and an ID token for using the application. |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
This is a request as follow up to the closed issue, #366.
I seem to be running into a similar issue using the identity provider support for Cognito User Pools. According to the documentation, /userinfo must send an access_token: https://docs.amazonaws.cn/en_us/cognito/latest/developerguide/cognito-user-pools-oidc-flow.html
However, to authenticate a user with an integrated API Gateway using the Cognito User Pool Authorizer, the id_token must be used: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-enable-cognito-user-pool.html
So this is yet another use case where the auth library needs to store both the access_token and the id_token.
The text was updated successfully, but these errors were encountered: