Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Auth0 not returning Access Token #397
I have a proposed PR to make, but wanted to get feedback here first. The PR should be simple to implement, but will introduce a breaking change to the Auth0 plugin.
The current implementation of the Auth0 integration is not standards compliant to Auth0 specs. What it is essentially doing is getting the Id Token and then naming and saving it as
What this essentially means is we are unable to call any of the Auth0 endpoints like /userinfo that require sending back their Access Token as all we really have in our possession at this point is their Id Token.
So, I propose a breaking change to the Auth0 plugin that would replace Line 77 with something like this:
With the new
The access token that gets returned from Auth0 will be opaque and not in JWT format. If you want an Access Token in JWT format that is not opaque and can be used to store/retrieve information in it, then in the Auth0 portion of the your
The key here is to pass in the