To configure callbacks for whenever a user successfully authorizes a third-party OAuth account, use the useOAuthTokens hook:

import {useOAuthTokens, type OAuthTokens} from '@privy-io/react-auth';

const {reauthorize} = useOAuthTokens({
  onOAuthTokenGrant: ({tokens, user}) => {
    // Any logic you'd like to execute after the user returns to the app from
    // an OAuth flow authorization (login, account linking, or reauthorize).
    // `api` stands in for your application's own backend client.
    api.push({accessToken: tokens.accessToken, refreshToken: tokens.refreshToken, userId: user.id});
  }
});

// You may also call `getAccessToken` to get the user's current access token

As parameters to useOAuthTokens, you may include an onOAuthTokenGrant callback.

The component where the useOAuthTokens hook is invoked must be mounted on the component/page the user returns to after authorizing an OAuth flow in order for this callback to execute.

onOAuthTokenGrant

If set, the onOAuthTokenGrant callback will execute after a user returns to the application from an OAuth flow authorization. This happens in 3 cases:

  • When the user logs in via an OAuth/social login method,
  • When a user links a new OAuth account to their user account,
  • When a successful reauthorize call is invoked, and the user authorizes an existing OAuth account.

Within this callback, you can access:

  • provider: the OAuth provider, one of 'apple', 'discord', 'github', 'google', 'linkedin', 'spotify', 'tiktok', 'instagram', and 'twitter'.
  • accessToken: the OAuth access token
  • accessTokenExpiresInSeconds: the number of seconds until the OAuth access token expires
  • refreshToken: the OAuth refresh token
  • refreshTokenExpiresInSeconds: the number of seconds until the OAuth refresh token expires. If the refresh token is present and this field is undefined, it is assumed that the refresh token does not have an expiration date
  • scopes: the list of OAuth scopes the access token is approved for.

Learn more about how to use OAuth access and refresh tokens here.

Within this callback, you can also access a reauthorize method, which will allow a user to re-authorize an existing OAuth account in order to retrieve more up-to-date OAuth tokens and account metadata.
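
The following added example (not code from Privy's documentation) shows one way to handle the fields listed above once the callback hands them over: it turns the relative lifetimes into absolute expiry times, treats a refresh token with an undefined lifetime as non-expiring, checks the approved scopes, and redacts token values before logging. The function names, the 60-second skew, the scope string, and the sample grant are assumptions made for illustration.

```javascript
// Added example. Field names come from the list above; the function names,
// the skew value and the sample grant are hypothetical.

// Convert the relative lifetimes in a grant into absolute expiry times and
// record which of the scopes the app needs were not approved.
function toTokenRecord(tokens, userId, requiredScopes = [], nowMs = Date.now()) {
  if (!tokens.accessToken) throw new Error('grant carries no access token');
  const scopes = tokens.scopes ?? [];
  const expiresAt = (secs) => (secs === undefined ? null : nowMs + secs * 1000);
  return {
    userId,
    provider: tokens.provider,
    accessToken: tokens.accessToken,
    accessTokenExpiresAt: expiresAt(tokens.accessTokenExpiresInSeconds),
    refreshToken: tokens.refreshToken ?? null,
    // Refresh token present with no lifetime: treated as non-expiring (null).
    refreshTokenExpiresAt: tokens.refreshToken
      ? expiresAt(tokens.refreshTokenExpiresInSeconds)
      : null,
    scopes,
    missingScopes: requiredScopes.filter((s) => !scopes.includes(s)),
  };
}

// True when the stored grant can no longer be used or refreshed, so the user
// has to go through the OAuth flow again (for example via `reauthorize`).
function needsReauthorize(record, nowMs = Date.now(), skewMs = 60000) {
  if (record.missingScopes.length > 0) return true;
  const expired = (at) => at !== null && at - skewMs <= nowMs;
  if (!expired(record.accessTokenExpiresAt)) return false;
  if (!record.refreshToken) return true;
  return expired(record.refreshTokenExpiresAt);
}

// Copy of the record that is safe to log: token values are masked in the copy.
function redactForLog(record) {
  const mask = (t) => (t ? '[redacted]' : null);
  return {...record, accessToken: mask(record.accessToken), refreshToken: mask(record.refreshToken)};
}

// Constructed sample grant (not real tokens).
const sampleGrant = {
  provider: 'spotify',
  accessToken: 'constructed-access-token',
  accessTokenExpiresInSeconds: 3600,
  refreshToken: 'constructed-refresh-token',
  scopes: ['user-read-email'],
};
const sampleRecord = toTokenRecord(sampleGrant, 'constructed-user-id', ['user-read-email']);
console.log(redactForLog(sampleRecord), needsReauthorize(sampleRecord));
```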
