Obtain a Refresh Token
In the previous post we saw how to implement a basic device flow authentication for a console application.
Now we will see how to refresh the token so that you don't have to enter the credentials every time.
First of all, create an API from the Auth0 Dashboard.
Click on Applications and then on APIs.
From here create a new API and from the Access Settings, make sure "Allow Offline Access" is enabled.
Now we can change the code from the previous sample and add the Audience parameter at line 12:
request.AddParameter("application/x-www-form-urlencoded", $"client_id={clientId}&scope=offline_access+openid+profile&audience=YOUR-AUDIENCE", ParameterType.RequestBody);
You can find the audience parameter from the API details page.
From the General Settings, you can copy the value called "Identifier".
Now you can refresh the token with the following code:
client = new RestClient($"https://{tenant}.auth0.com/oauth/token");
request = new RestRequest();
request.Method = Method.Post;
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddParameter("application/x-www-form-urlencoded", "grant_type=refresh_token&client_id=CLIENT-ID&client_secret=CLIENT-SECRET&refresh_token=REFRESH-TOKEN", ParameterType.RequestBody);
response = client.Execute(request);
Replace the uppercase placeholders with your own values.
It's not a best practice to refresh the token every time you need to call the API; refresh it just the first time.
Auth0 is a smart service and stores the caller IP as well.
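As an added example (not code from the original post), here is one way to avoid refreshing on every API call: cache the access token and call /oauth/token only when it is about to expire. It uses HttpClient and System.Text.Json instead of RestSharp; the TokenCache class, its member names and the 60-second margin are assumptions, and it relies on the standard access_token, expires_in and optional refresh_token fields of the token response.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Text.Json;
using System.Threading.Tasks;

// Hypothetical helper (not part of the original sample). Not thread-safe.
public sealed class TokenCache
{
    private static readonly TimeSpan Skew = TimeSpan.FromSeconds(60); // assumed safety margin
    private readonly HttpClient _http;
    private readonly string _tokenUrl, _clientId, _clientSecret;
    private string _refreshToken;
    private string _accessToken;
    private DateTimeOffset _expiresAt = DateTimeOffset.MinValue;

    public TokenCache(HttpClient http, string tenant, string clientId,
                      string clientSecret, string refreshToken)
    {
        _http = http;
        _tokenUrl = $"https://{tenant}.auth0.com/oauth/token";
        (_clientId, _clientSecret, _refreshToken) = (clientId, clientSecret, refreshToken);
    }

    public async Task<string> GetAccessTokenAsync()
    {
        // Reuse the cached token while it is still valid.
        if (_accessToken != null && DateTimeOffset.UtcNow < _expiresAt - Skew)
            return _accessToken;

        // Same form fields as the RestSharp request above, URL-encoded by the framework.
        using var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "refresh_token",
            ["client_id"] = _clientId,
            ["client_secret"] = _clientSecret,
            ["refresh_token"] = _refreshToken,
        });
        using var response = await _http.PostAsync(_tokenUrl, form);
        if (!response.IsSuccessStatusCode) // e.g. the refresh token was revoked
            throw new InvalidOperationException(
                $"Refresh failed ({(int)response.StatusCode}); the user must log in again.");

        using var json = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
        var root = json.RootElement;
        _accessToken = root.GetProperty("access_token").GetString();
        _expiresAt = DateTimeOffset.UtcNow.AddSeconds(root.GetProperty("expires_in").GetInt32());
        // If the response carries a new refresh token, the old one must be replaced.
        if (root.TryGetProperty("refresh_token", out var rotated))
            _refreshToken = rotated.GetString();
        return _accessToken;
    }
}
```

Load the client secret and the stored refresh token from protected storage (for example an OS credential store) rather than hard-coding them in the console application.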
Customize the User Code generated for your applications
From the Dashboard -> Settings -> Advanced, you can configure the format of the User Code that Auth0 generates for the device flow authentication.
You can change the character set and the mask as well.
By default the mask is ****-**** but, for instance, you can add more characters by changing the value to something like ****-****-****.
In this case you will obtain a code like: BCDF-GHJK-LMNP.
Remove a device from a user
If you want to unlink a device from a user, you can navigate to the Auth0 Dashboard, then User Management, Users and click on the tab "Devices".
By clicking on the recycle bin icon, you reset the refresh token and the user needs to log in again.
Create an Auth0 account
If you need an account for Auth0, you can use the following link: https://a0.to/signup-for-auth0.
You can use the free version of the service to test your applications and for your development environments.
Thanks for reading this post, I hope you found it interesting!
Feel free to follow me to get notified when new articles are out 🙂