The following are methods for AuthToken. All methods are static.
public static String getAccessToken(String authProviderId, String providerName)
Type: String
public static Map<String, String> getAccessTokenMap(String authProviderId, String providerName)
public static Map<String, String> refreshAccessToken(String authProviderId, String providerName, String oldAccessToken)
This method works when using Salesforce or an OpenID Connect provider, but not when using Facebook or Janrain. The returned map contains AccessToken and RefreshError keys. Evaluate the keys in the response to check if the request was successful. For a successful request, the RefreshError value is null, and AccessToken is a token value. For an unsuccessful request, the RefreshError value is an error message, and the AccessToken value is null.
When successful, this method updates the token stored in the database, which you can get using Auth.AuthToken.getAccessToken().
If you are using an OpenID Connect authentication provider, an id_token is not required in the response from the provider. If a Token Issuer is specified in the Auth. Provider settings and an id_token is provided anyway, Salesforce will verify it.
String accessToken = Auth.AuthToken.getAccessToken('0SOD000000000De', 'Open ID connect'); Map<String, String> responseMap = Auth.AuthToken.refreshAccessToken('0SOD000000000De', 'Open ID connect', accessToken);
A successful request includes the access token in the response.
(RefreshError,null)(AccessToken,00DD00000007BhE!AQkAQFzj...)
public static Boolean revokeAccess(String authProviderId, String providerName, String userId, String remoteIdentifier)
Type: Boolean
The return value is true if the revokeAccess() operation is successful; otherwise false.
The following example revokes a Facebook user's access token.
Auth.AuthToken.revokeAccess('0SOxx00000#####', 'facebook', '005xx00000#####', 'ThirdPartyIdentifier_exist214176560#####');