Hi! I am using Retool Portals and I would like to know if it is possible to get any auth token generated by Retool (be it from a email/password login or Google SSO), so that I can send such token to my API and authenticate the user without adding add additional steps for them.
Is it possible? And if so, how to verify that such token is indeed valid in my backend?
Hey @LeoNero, Unfortunately, what you've described isn't currently possible since Retool isn't designed to function as an Identity Provider.
If your users authenticate to Retool with OIDC-based Custom SSO, then you can configure authentication on your Retool Resource with the ID Token and Access Token fetched during SSO.
This setup is documented here ->
OIDC-based Custom SSO is an Enterprise-only offering, so this approach is only possible on Retool's Enterprise plan.