Skip to content

feat(oauth): Add token exchange grant option to oauth/token #19928

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
LZoog wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat(oauth): Add token exchange grant option to oauth/token #19928

LZoog wants to merge 1 commit into from
+578 −1

Conversation

@LZoog
Copy link
Contributor

@LZoog LZoog commented Jan 23, 2026

Because:

  • We want to allow a refresh token exchange for Mobile, that grants Relay as an additional scope, as the users enrolled will already have signed into Relay web

This commit:

  • Adds the new grant type, sets client IDs and allowed scopes to env vars, currently set to mobile IDs and only Relay scope

closes FXA-12925

@LZoog LZoog requested a review from a team as a code owner January 23, 2026 16:52
@LZoog LZoog changed the title feat(oauth): Add refresh token exchange grant option to oauth/token feat(oauth): Add token exchange grant option to oauth/token Jan 23, 2026
@LZoog
feat(oauth): Add token exchange grant option to oauth/token
6bd8c01 
Because:
* We want to allow a refresh token exchange for Mobile, that grants Relay as an additional scope, as the users enrolled will already have signed into Relay web

This commit:
* Adds the new grant type, sets client IDs and allowed scopes to env vars, currently set to mobile IDs and only Relay scope

closes FXA-12925
@bendk
Copy link

bendk commented Jan 23, 2026

Component side of this: mozilla/application-services#7179

@bendk bendk mentioned this pull request Jan 23, 2026
Open
5 tasks
LZoog
LZoog commented Jan 23, 2026
View reviewed changes
packages/fxa-auth-server/test/oauth/routes/token.js
});

it('rejects tokens from non-Firefox clients', async () => {
const NON_FIREIOS_FOX_CLIENT_ID = '123456789a';
Copy link
Contributor Author

@LZoog LZoog Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NON_FIREIOS_FOX_CLIENT_ID ha, bad find-and-replace, will update with next push.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@LZoog @bendk