You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
'twitter:description': Learn how Token Vault securely stores federated access and
10
+
'twitter:description': Learn how Token Vault securely stores third-party access and
11
11
refresh tokens.
12
12
'twitter:title': Token Vault
13
13
---
@@ -19,7 +19,7 @@ Token Vault is currently available in Early Access for public cloud tenants. To
19
19
20
20
Token Vault enables your applications to securely access third-party APIs on the user's behalf. There is no need to manage <Tooltiptip="Refresh Token: Token used to obtain a renewed Access Token without forcing users to log in again."cta="View Glossary"href="/docs/glossary?term=refresh+tokens">refresh tokens</Tooltip> or build custom integrations per provider—Auth0 handles it all for you. You gain access to a wide range of external providers’ APIs and services, all through a single Auth0 integration.
21
21
22
-
When a user authenticates with a supported external provider and uses <Tooltiptip="OAuth 2.0: Authorization framework that defines authorization protocols and workflows."cta="View Glossary"href="/docs/glossary?term=OAuth">OAuth</Tooltip> scopes to authorize access, Auth0 stores the access and refresh tokens for that connection in the Token Vault. Token Vault organizes the federated tokens issued by external providers into tokensets, with one tokenset per authorized connection.
22
+
When a user authenticates with a supported external provider and uses <Tooltiptip="OAuth 2.0: Authorization framework that defines authorization protocols and workflows."cta="View Glossary"href="/docs/glossary?term=OAuth">OAuth</Tooltip> scopes to authorize access, Auth0 stores the access and refresh tokens for that connection in the Token Vault. Token Vault organizes the third-party tokens issued by external providers into tokensets, with one tokenset per authorized connection.
23
23
24
24
You can then call the external provider's APIs using these stored credentials via Auth0 to get a user’s Google Calendar events, access GitHub repos, create a Microsoft Word document, and more.
25
25
@@ -35,12 +35,12 @@ For Early Access, Auth0 supports Token Vault for the following social and enterp
35
35
36
36
## How it works
37
37
38
-
When a user authenticates with a supported external provider and authorizes the federated connection:
38
+
When a user authenticates with a supported external provider and authorizes the third-party connection:
39
39
40
40
1. Auth0 obtains access tokens using OAuth 2.0 scopes to control access. Users explicitly approve requested permissions.
41
-
2. Auth0 securely stores federated access and refresh tokens in the Token Vault.
41
+
2. Auth0 securely stores third-party access and refresh tokens in the Token Vault.
42
42
3. The application [links user accounts](/docs/manage-users/user-accounts/user-account-linking) with the user's consent. As a result, the user won’t have to create separate accounts for each external provider.
43
-
4. Your application calls Auth0 to exchange a valid Auth0 refresh token with an access token for a federated connection. Your application can perform this exchange multiple times while Auth0 manages refreshing the federated access tokens stored in the Token Vault. Using a federated access token, your application can call third-party APIs on the user’s behalf.
43
+
4. Your application calls Auth0 to exchange a valid Auth0 refresh token with an access token for a third-party connection. Your application can perform this exchange multiple times while Auth0 manages refreshing the third-party access tokens stored in the Token Vault. Using a third-party access token, your application can call third-party APIs on the user’s behalf.
44
44
45
45
Token Vault allows for seamless federated identity and simplifies integration across multiple external providers via a single Auth0 interface.
0 commit comments