Access Tokens

Auth0.Android Configuration Options

Auth0.Android can be configured with a variety of options, listed below.

Access Token Structure


The withConnection option allows you to specify a connection that you wish to authenticate with.

Opaque Access Tokens


Code grant is the default mode, and will always be used unless calling useCodeGrant with false, or unless the device doesn't support the signing/hashing algorithms.

Before you can use Code Grant in Android, make sure to go to your Dashboard and check in the application's settings that Application Type is Native.

JSON Web Token Access Tokens


Using Access Tokensscopes can allow you to return specific claims for specific fields in your request. Adding parameters to withScope will allow you to add more scopes. You should read our documentation on scopes for further details about them.


Note that the default scope used is openid

Access Token Security


There may be times when you need to authenticate with particular connection scopes, or permissions, from the Authentication Provider in question. Auth0 has documentation on setting up connection scopes for external Authentication Providers. However, if you need specific access for a particular situation in your app you can do so by passing parameters to withConnectionScope. A full listing of available parameters can be found in that connection's settings in your Dashboard, or from the Authentication Providers's documentation. The scope requested here is added on top of the ones specified in the connection's settings in the Dashboard.

Access Token Lifetime


To send additional parameters on the authentication, use withParameters:

Custom APIs


If you are not using Android "App Links" or you want to use a different scheme for the redirect URI, then use withScheme. Note that you'll need to update the auth0Scheme Manifest Placeholder in the app/build.gradle file and the whitelisted Allowed scopeCallback URLs on the Dashboard in the Application's settings to match the chosen scheme.

Scheme must be lowercase!

/userinfo endpoint


To provide an JSON Web Token (JWT)audience, use withAudience.

Next Steps


By default a random state is always generated and sent. If you need to use a custom value instead, use withState:


By default a random JSON Web Token (JWT)nonce is generated and sent when the response type includes id_token. If you need to use a custom value instead, use withNonce: