Auth0.js: Is there a way to silently replace a google access_token into an auth0 access_token?

Question

auth0 version: 9.3.3

I'm developing a chrome extension that uses Google Identity API. When my extension is loaded when the user is already authorized by Google, so it seams like an overhead to show the authentication popup again by the:

Auth0Js.authorize({connection:'google-auth2'})

I already have the google access_token by:

chrome.identity.getAuthToken({}, function (access_token) {...})

that looks like:

ya29.GmCGBfZPOwM725oSok08AdMLQGHYNr50Ax9TAQVoHGjEkAS1gdv-R_1H_LBd6Fe9YgEjWm8eejTYk5IyCWGrdDn6P1R8ahRQW768_SDf7nD8Yq0kj2VXoBZVNYyiIDWtFP0

but I still need the auth0 token. Is there a way to silently exchange a google access_token into an auth0 access_token?

MMM · Accepted Answer · 2018-06-12T13:03:30.693

1

The solution is found: https://auth0.com/docs/connections/calling-an-external-idp-api
The original google access_token can be obtained by the Auth0 Management API.

The steps to follow are:

Get an Access Token that allows you to call the Auth0 Management API.
Call the Auth0 Management API's Get Users by ID endpoint, using the Access Token obtained in step one. This endpoint returns the full user's profile, which contains the IdP Access Token.
Extract the IdP Access Token from the response and use it to call the IdP's API.

edited Jun 12 '18 at 13:03

answered Jun 11 '18 at 09:43

MMM

103
13

While links can be useful, it is recommended to include the contents of the links as the answer will be of no use if the data on links is removed or replaced. – Shubham Kadlag Jun 11 '18 at 10:15

Auth0.js: Is there a way to silently replace a google access_token into an auth0 access_token?

1 Answers1