How to consume an provider API after user logged in

[MatteoGauthier]

Your question
How to get accessToken from the user ?

What are you trying to do
I wanted to find the accessToken for my user after he logged in.

Documentation feedback

• Found the documentation helpful
• Found documentation but was incomplete
• Could not find relevant documentation
• Found the example project helpful
• Did not find the example project helpful

[ndom91]

I've never done it myself, but I believe you're going to want to use a custom callback on signin.

After sign-in you can access the info in the JWT callback.

See: https://next-auth.js.org/configuration/callbacks#jwt-callback

The contents user, account, profile and isNewUser will vary depending on the provider and on if you are using a database or not. If you want to pass data such as User ID, OAuth Access Token, etc. to the browser, you can persist it in the token and use the session() callback to return it.

[mAAdhaTTah]

Related to #447.

[glawler]

I see there is a session cookie named next-auth.session-token.

(This is the encoded jwt. Is there a better way to get this than reading the cookie directly? In the jwt callback the token is already decoded. I need it encoded to then pass to my API server via the Authorization: Bearer ... header....)

Edit (after response already given): That cookie is httpOnly, which means it is not accessible to an application that wants to hten stuff it into a header when calling into a protected REST API. It looks like yuo cannot get the token directly on the client side? This means next-auth doesn't currently support using provider APIs I guess.

[iaincollins]

@glawler If you pass the option raw: true to the getToken() helper you should get the raw JWT you can pass through.

[glawler]

I'm sorry for being dense here, but I'm looking to get the token to add to a request. getToken() wants to take a request and seems to want to be called server-side. How do I get the encoded jwt to add to a request header that I'm then passing into a protected API?

Specifically like

const token = somehoReadToken()

const opts = {                          
  headers: {                            
    Accept: 'application/json',         
    'Content-Type': 'application/json', 
    Authorization: 'Bearer ' + token,  
  }                                     
}                                       
                                        
return fetch("http://api.foo.bar/thing", opts)      
  .then(res => res.json())              

(If there's a better forum for this, slack, IRC, etc, please let me know.)

[glawler]

Oh, this looks to be fixed/amended in #513. Sorry for the noise.

[stale[bot]]

Hi there! It looks like this issue hasn't had any activity for a while. It will be closed if no further activity occurs. If you think your issue is still relevant, feel free to comment on it to keep ot open. Thanks!

[MatteoGauthier]

Any update about this problem

[balazsorban44]

Hi @MatteoGauthier. Could you please provide a bit more information about your usecase? What kind of provider are you using? Where do you need the access token? Do you maybe have a reproduction repository you can link to?

[tesharp]

You can also add it to the session in callback. Session already have a property for accessToken. Then it is available client side if you need to send to some apis

callbacks: {
    session: async (session, user: any) => {
      session.accessToken = user.accessToken;
      return Promise.resolve(session)
    },
    jwt: async (token, user, account, profile, isNewUser) => {
        const isSignIn = (user) ? true : false
        if (isSignIn) {
            token.accessToken = account.accessToken;
        }
        return Promise.resolve(token)
    }
  }

[TimNZ]

Example of consuming accessToken in a signIn callback to grab an email address from Linkedin in this discussion: #976