Retrieve the access token issued by a third-party social provider

GET /api/my-account/identities/{target}/access-token

This API retrieves the access token issued by a third-party social provider for a given social target. Access is only available if token storage is enabled for the corresponding social connector. When a user authenticates through a social provider, Logto automatically stores the provider’s tokens in an encrypted form. You can use this API to securely retrieve the stored access token and use it to access third-party APIs on behalf of the user.

Path parameters

target string Required

Minimum length is 1.

Responses

200 application/json

The access token was retrieved successfully.
Hide response attributes Show response attributes object
- access_token string Required
- scope string
- token_type string
- expires_in number | string
  
  One of:
  number-1 number string-2 string
400

Bad Request
401

Permission denied, the access_token is expired and the offline_access scope is not granted or expired.
403

Forbidden
404

The social identity does not exist or the access token is not available.
422

Unprocessable Content

GET /api/my-account/identities/{target}/access-token

curl \
 --request GET 'https://[tenant_id].logto.app/api/my-account/identities/{target}/access-token' \
 --header "Authorization: Bearer $ACCESS_TOKEN"

Response examples (200)

{
  "access_token": "string",
  "scope": "string",
  "token_type": "string",
  "expires_in": 42.0
}