I am following the guide to retrieving the id, access, and refresh token for a nodejs project. I am utilizing authorization_code flow, where the user logs in via the default auth0 account login(non-3rd party login).
When I make the request successfully I only receive the users access token, but not the id token. I am making the request to the /oauth/token with the authorization code present.
Here is the guide I am following:
The request is returning successfully with 200 status response. For more context I am on the free subscription account tier.
Could the error be due to mu auth0 account configuration? or maybe something else.
CodePudding user response:
You need to specify the scope with offline_access in order to retrieve the refresh_token. It is also mentioned in the same guide which you have linked above
Include offline_access to get a refresh token (make sure that the Allow Offline Access field is enabled in the Application Settings).
So you can just add new parameter scope: offline_access along with your other params
CodePudding user response:
It looks like your scope is empty. You might need to add openid and profile to the scope param to get the id token.
It would help if you could show your authorize request too (step 1 in that guide).
Then, ya, what Umakanth said about the refresh token. Need to add offline_access to the scope.
Include offline_access to get a refresh token (make sure that the Allow Offline Access field is enabled in the Application Settings).