ColinFrick
commented
1 year ago I'm working on this.
Open mooreds opened 2 years ago
ColinFrick
commented
1 year ago I'm working on this.
ColinFrick
commented
1 year ago Hey @mooreds you mentioned that the token can be exchanged for an access token. Do you have some links for that? I don't seem to find any good information about that.
mooreds
commented
1 year ago @ColinFrick it depends on the identity provider, but in general we store a value on the identity link which has a long lived token.
FusionAuth will also store the refresh_token returned from the external OpenID Connect provider, if such a token is provided, in the identityProviderLink object. This object is accessible using the Link API.
This means that for an OIDC Identity Provider, you'd need to request offline_access and you should get a refresh token in the identity link object.
Google on the other hand has the id token, which is not useful.
FusionAuth will also store the Google id_token returned from the Google API in the identityProviderLink object. This object is accessible using the Link API.
FusionAuth will also store the Apple refresh_token returned from the /auth/token endpoint in the identityProviderLink object. This object is accessible using the Link API.
Does that help?
ColinFrick
commented
1 year ago Thanks @mooreds I did look into Google extensively so that’s why it never worked 🙄
mooreds
commented
1 year ago Ah, sorry about that.
mooreds
commented
12 months ago @ColinFrick how much work have you done on this? Was thinking about reassigning it due to the priority of the mobile SDK work.
ColinFrick
commented
12 months ago Was still in the prototyping phase.
I set up login with YouTube and X (formerly Twitter), and created a web app that allows you to upload videos to both platforms (depending if you linked the account).
mooreds
commented
12 months ago Okay. I won't reassign for now, but let's definitely prioritize the mobile work.
We support IDP links, which is a cool feature. This lets someone connect Facebook, Google, etc, into one account using FusionAuth to do the heavy lifting. Then, a long lived token is present on the links object for that user, and can be used to get an access token and then do some API work.
The example I saw was someone wanting to build a way to upload video to multiple services.
Would be good to build out an example app and blog post explaining how to do this, as it is a relatively unique feature.
https://fusionauth.io/docs/v1/tech/apis/identity-providers/links is the API to use.