[keycloak-dev] How to get refresh keys from Google Identity Provider?
Nick Powers
sshscp at gmail.com
Fri Jul 19 13:45:49 EDT 2019
Hello,
I have Keycloak configured and working with Google Identity Provider. I
have configured the Default Scope of
https://www.googleapis.com/auth/youtube.force-ssl.
It seems that Google is getting that scope because when I authenticate
against Keyclock, Google is asking me for the permissions that match that
scope.
>From there I am able to get the user's access token through the Keycloak
API. What I cannot get is the Google refresh token. My understanding is
to get the refresh token from Google access_type=offline needs to be
appended to the Google Auth URL.
I have been unable to find how I can get Keycloak to
append access_type=offline to the URL so I can gain access to the Google
refresh token, for offline access.
Does anyone know what I need to do to have Keycloak request that offline
access so I can retrieve the Google refresh token?
Thanks for your help!
Nick
More information about the keycloak-dev
mailing list