Retrieve Oauth2 access token of the current user from Kratos #1511
-
|
Hello, First, thanks for this amazing open-source project and all the work involved ! I did some research about my question but didn't find anything, let me know if it was already answered :) To sum up: from an external service, I need to retrieve an Oauth2 access token of the current user from Kratos. The context is the following:
So, the use case is to be able from my service to :
The first idea that comes to me is the following: add the Oauth2 access token as a user trait and map it during
What do you think about the use case and the possible solution ? Thanks |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi @thomasboni, This seems related to this discussion #1264 and this issue #397. Kratos does not store the access token from the OIDC provider and only has the claims available which you can then map using jssonet shown in our docs. You can see in the Kratos code base here and here only the claims are extracted and mapped. Currently it is not possible to retrieve the access token from Kratos and would require you to re-initialise a login request to the OIDC provider on your own service to use the token. I hope this answers your question :) |
Beta Was this translation helpful? Give feedback.
-
|
Hi @Benehiko, yes you answered perfectly my question :), thanks ! I'm going to follow the related issue and contribute to it ;) |
Beta Was this translation helpful? Give feedback.
Hi @thomasboni,
This seems related to this discussion #1264 and this issue #397.
Kratos does not store the access token from the OIDC provider and only has the claims available which you can then map using jssonet shown in our docs. You can see in the Kratos code base here and here only the claims are extracted and mapped.
Currently it is not possible to retrieve the access token from Kratos and would require you to re-initialise a login request to the OIDC provider on your own service to use the token.
I hope this answers your question :)