API for user details & OAuth refresh token

sitole · September 11, 2023, 2:59pm

Hello,
we are currently implementing Neon OAuth into our application.
User will be able to connect database hosted by Neon with one-click. Side request is to allow sign in with Neon account. OAuth works great but currently we have two issues:

I was not able to find any API endpoint in documentation that will give me some username / email address for currently authorized user (we need that for us to create user account for Neon user authorized via OAuth).
When OAuth code is received we are requesting long-term auth key and that works but response from OAuth API endpoint provided by Neon contains only “access_token” with “expires_id” but response does not include “refresh_token”. Documentation for OAuth also does not contains any word how to refresh tokens etc.

Would be nice to resolve this two issues.
Thank you!

sitole · September 12, 2023, 9:34am

It’s not in documentation but i manually found https://console.neon.tech/api/v2/users/me endpoint that is called in Neon dashboard to get user metadata.

Mike_Jerome · September 13, 2023, 9:54am

Hey Jiri—I will discuss with the team adding the /users/me endpoint to our docs.

We do support OpenID Connect Discovery, so you can get the URLs you need from https://oauth2.neon.tech/.well-known/openid-configuration.

Typically, this is automatically handled by OAuth 2.0 clients. For example, this neonctl written in TypeScript gets the refresh token along with the access token automatically and has an example of using it with OpenID Connect Discovery. The oauthHost would be https://oauth2.neon.tech .

sitole · September 13, 2023, 11:17am

Thank you,
just for future me or anyone who wants to use Neon OAuth, you must add offline and offline_access scopes to receive refresh_token you are welcome

Daniel · September 20, 2023, 2:12pm

The Get current user details endpoint is now included in our API docs.