Credential Vaults

Authress provides a first-class credential vault. A credential vault is a secure store of OAuth2 and other tokens that are retreived throughout the user's authentication lifecycle.

Since Authress is able to connect with any registered OAuth provider, The result of the login with the third party provider is a credential saved in the Authress Credential Vault.

Often the federated login process is transient, and a user logins in with their social identity provider. Once they do that, Authress verifies their identity and generates a new Authress identity JWT and access token to be used in your software.

However, there are cases where you might want to use their identity provider's login to fetch details about their social identity or access their identity provider's other resources. A common example is to create get a list of their team members from their Google Workspace or offer the ability to manage their Microsoft OneDrive. To interact with the identity provider's cloud resources, you will need to request the user's connection credentials from the credential vault.

📄️ Connecting to an identity provider's API

By using refresh tokens a service client can generate access tokens and make requests to a provider's API.