OAuth Like User-Agent Flow... But There's No User Endpoint... How to Configure? (Actually: Self-handled Authorization for OAuth APIs / Offline Access on Behalf of User)

Thank you thank you thank you :heart: :heart: :heart: :heart: :heart:

I’ve been on this for quite a few hours now, and just adding openid profile fixed it for me!

@keith thanks so much for the detailed write up.

I am running into exactly the same issue and trying to connect to a service which doesn’t provide the User info in their response body that contains their access token.

They do provide a company id which in theory is tied to the user id eventually but unfortunately there is no way in Bubble to change those fields of ID and Email to just fetch ID and Company Name so that I could tie them back to the User myself (It is ok in my case if the user needs to log on first using password to my Bubble app before providing access to the external system).

Haven’t been able to fully replicate all the steps you are describing but so far this is the best description I found that helps with this exact issue.

So just wanted to say Thanks.

I know this thread is ancient, but for those who stumble upon it looking for an answer that uses bubble’s Oauth User Agent Flow (e.g. the oauth is your only authentication method for your app), you can “spoof” the calls. I did a similar thing when I needed to skip step one due to the authorization occurring prior to the user ever reaching the app.

Essentially, set up an API endpoint to return two fields, a unique id and an email. You can generate these however you see fit. Point step 3 of your oauth to your endpoint and to the field names. I did this with a third-party api provider, but you might be able to use bubble public-facing api workflows.

1 Like


can you please share that scope value link. Do we need create open id connect profile over there? As i want a id_token which is sent by google. Will openid connect help in that case?