Integration and Sharing Refresh Tokens in Corteza for OIDC Authentication

Hi Corteza Community,

I’m working on integrating multiple applications with Corteza as the main panel, and I’m facing challenges related to handling refresh tokens obtained through OIDC authentication.

Here’s a summary of the issues I’m encountering:

  1. Accessing Refresh Tokens via Auth Client API:
    • I’ve noticed that Corteza stores refresh tokens obtained through OIDC in its database. However, I’m struggling to find a way to access these refresh tokens programmatically using the Corteza Auth Client API. I would appreciate any guidance or insights on how to retrieve and utilize these refresh tokens through the API.
  "Code": "",
  "Scope": "profile api",
  "UserID": "356446617575882755 355472184640077827",
  "ClientID": "355472187559247875",
  "RedirectURI": "http://localhost:18080/auth/callback",
  "CodeCreateAt": "0001-01-01T00:00:00Z",
  "CodeChallenge": "",
  "CodeExpiresIn": 0,
  "AccessCreateAt": "2023-11-15T07:17:22.48149918Z",
  "AccessExpiresIn": 7200000000000,
  "RefreshCreateAt": "2023-11-15T07:17:22.48149918Z",
  "RefreshExpiresIn": 259200000000000,
  "CodeChallengeMethod": ""
  1. I’m exploring the possibility of using the Admin->Aplication->App selector->Configuration Box to facilitate the sharing of refresh tokens between Corteza and other applications. The goal is to establish seamless OIDC authentication, allowing users to access other applications from the Corteza main panel without the need for additional logins. If anyone has experience with this or has suggestions on the best practices for handling such configurations, I’d greatly appreciate your input.

Thank you in advance for your assistance!