Refresh social token fetched from ListSocialAuthTokens

mattiasback · December 22, 2021, 11:22am

Hey,

I’m working on an API where we use Okta as identity provider.
I also provide social login via Microsoft Idp.

I have a client that needs to get hold of the social token in order to communicate directly to the Microsoft APIs.

I use the com.okta.sdk:okta-sdk-api library to fetch social tokens from Okta using the function
ListSocialAuthTokens.

It returns a list of tokens that may have token type access token or refresh token.

I thought that Okta would provide a refreshed token once the social access token expired, but it turns out it does not.

Question: How am I supposed to get a valid social access token from Microsoft (or any other idp) once the current one expires? I can’t find in the documentation how to use the refresh token if that’s the solution.

andrea · December 29, 2021, 12:31am

Looks like we only store the Access token and the ID token issued by the external OIDC IdP. Internally, Okta also would not use a refresh token, as the only time the user’s session with their Identity Provider would matter to Okta is during the federated authentication to create their Okta session. Once their Okta session is created, that’s the only one that can be refreshed on the Okta side, so it sounds like what you’re hoping to do is not possible.

system · February 8, 2024, 9:10pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Token exchange for Social Logins OAuth/OIDC	3	1886	February 15, 2024
Refresh token for idp auth? Questions	2	4863	March 6, 2018
Utilising refresh tokens with the javascript sdk OAuth/OIDC reactjs , javascript	2	2087	February 15, 2024
Refresh token question Questions	2	4454	January 18, 2024
Refresh token in implicit flow OIDC (SPA apps) OAuth/OIDC	10	10354	November 8, 2020

Refresh social token fetched from ListSocialAuthTokens

Related topics