feat: added support for MRRT on Android/iOS

.github/workflows/publish-docs.yml

@@ -1,70 +1,70 @@
 name: PUBLISH DOCS
 on:
-    workflow_dispatch:
-    workflow_call:
-    # or set up your own custom triggers
+  workflow_dispatch:
+  workflow_call:
+  # or set up your own custom triggers
 permissions:
-    contents: write # allows the 'Commit' step without tokens
+  contents: write # allows the 'Commit' step without tokens
 
 jobs:
-    get_history: # create an artifact from the existing documentation builds
-        runs-on: ubuntu-latest
-        steps:
-            - name: get the gh-pages repo
-              uses: actions/checkout@v6
-              with:
-                  ref: gh-pages
+  get_history: # create an artifact from the existing documentation builds
+    runs-on: ubuntu-latest
+    steps:
+      - name: get the gh-pages repo
+        uses: actions/checkout@v6
+        with:
+          ref: gh-pages
 
-            - name: remove all symbolic links from root if present
-              run: |
-                  find . -maxdepth 1 -type l -delete
+      - name: remove all symbolic links from root if present
+        run: |
+          find . -maxdepth 1 -type l -delete
 
-            - name: tar the existing docs from root
-              run: |
-                  tar -cvf documentation.tar ./
+      - name: tar the existing docs from root
+        run: |
+          tar -cvf documentation.tar ./
 
-            - name: create a document artifact
-              uses: actions/upload-artifact@v5
-              with:
-                  name: documentation
-                  path: documentation.tar
-                  retention-days: 1
+      - name: create a document artifact
+        uses: actions/upload-artifact@v5
+        with:
+          name: documentation
+          path: documentation.tar
+          retention-days: 1
 
-    build_and_deploy: # builds the distribution and then the documentation
-        needs: get_history
-        runs-on: ubuntu-latest
-        permissions:
-            contents: write
-        steps:
-            - name: Checkout src
-              uses: actions/checkout@v6
-              with:
-                  token: ${{ github.token }}
+  build_and_deploy: # builds the distribution and then the documentation
+    needs: get_history
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout src
+        uses: actions/checkout@v6
+        with:
+          token: ${{ github.token }}
 
-            - name: Download the existing documents artifact
-              uses: actions/download-artifact@v6
-              with:
-                  name: documentation
-            - run: rm -rf ./docs # delete previous docs folder present
-            - run: mkdir ./docs # create an empty docs folder
-            - run: tar -xf documentation.tar -C ./docs
-            - run: rm -f documentation.tar
+      - name: Download the existing documents artifact
+        uses: actions/download-artifact@v6
+        with:
+          name: documentation
+      - run: rm -rf ./docs # delete previous docs folder present
+      - run: mkdir ./docs # create an empty docs folder
+      - run: tar -xf documentation.tar -C ./docs
+      - run: rm -f documentation.tar
 
-            - name: Setup
-              uses: ./.github/actions/setup
+      - name: Setup
+        uses: ./.github/actions/setup
 
-            - name: Build documents
-              run: yarn docs #set up 'docs' build script in your package.json
+      - name: Build documents
+        run: yarn docs #set up 'docs' build script in your package.json
 
-            - name: Remove all the symbolic links from docs folder
-              run: find ./docs -type l -delete
+      - name: Remove all the symbolic links from docs folder
+        run: find ./docs -type l -delete
 
-            - name: Run cleanup and manage document versions
-              run: node scripts/manage-doc-versions.js
+      - name: Run cleanup and manage document versions
+        run: node scripts/manage-doc-versions.js
 
-            - name: Deploy to GitHub Pages
-              uses: peaceiris/actions-gh-pages@v4
-              with:
-                  github_token: ${{ github.token }}
-                  publish_dir: ./docs
-                  keep_files: false
+      - name: Deploy to GitHub Pages
+        uses: peaceiris/actions-gh-pages@v4
+        with:
+          github_token: ${{ github.token }}
+          publish_dir: ./docs
+          keep_files: false

FAQ.md

@@ -391,7 +391,7 @@ function App() {
   const onLogin = async () => {
     await authorize({
       audience: AUDIENCE,
-      scope: 'openid profile email offline_access'
+      scope: 'openid profile email offline_access',
     });
   };
 
@@ -400,7 +400,7 @@ function App() {
     const credentials = await getCredentials(
       'openid profile email offline_access',
       0,
-      { audience: AUDIENCE }  // ← Must include audience here!
+      { audience: AUDIENCE } // ← Must include audience here!
     );
     console.log('JWT Access Token:', credentials.accessToken);
   };
@@ -427,15 +427,15 @@ Define your auth configuration once and reuse it:
 ```javascript
 const AUTH_CONFIG = {
   audience: 'https://your-api.example.com',
-  scope: 'openid profile email offline_access'
+  scope: 'openid profile email offline_access',
 };
 
 // Login
 await authorize(AUTH_CONFIG);
 
 // Get credentials later (include audience in parameters)
 await getCredentials(AUTH_CONFIG.scope, 0, {
-  audience: AUTH_CONFIG.audience
+  audience: AUTH_CONFIG.audience,
 });
 ```
 
@@ -444,13 +444,13 @@ await getCredentials(AUTH_CONFIG.scope, 0, {
 ```javascript
 const auth0 = new Auth0({
   domain: 'YOUR_DOMAIN',
-  clientId: 'YOUR_CLIENT_ID'
+  clientId: 'YOUR_CLIENT_ID',
 });
 
 // Login
 await auth0.webAuth.authorize({
   audience: 'https://your-api.example.com',
-  scope: 'openid profile email offline_access'
+  scope: 'openid profile email offline_access',
 });
 
 // Get credentials (must include audience)

README.md

@@ -212,9 +212,9 @@ To use the SDK with Expo, configure the app at build time by providing the `doma
 
 > :info: If you want to switch between multiple domains in your app, refer [here](https://github.com/auth0/react-native-auth0/blob/master/EXAMPLES.md#domain-switching)
 
-| API          | Description                                                                                                                                                                                                                                                                  |
-| ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| domain       | Mandatory: Provide the Auth0 domain that can be found at the [Application Settings](https://manage.auth0.com/#/applications)                                                                                                                                                 |
+| API          | Description                                                                                                                                                                                                                                                                                                                         |
+| ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| domain       | Mandatory: Provide the Auth0 domain that can be found at the [Application Settings](https://manage.auth0.com/#/applications)                                                                                                                                                                                                        |
 | customScheme | Optional: Custom scheme to build the callback URL with. The value provided here should be passed to the `customScheme` option parameter of the `authorize` and `clearSession` methods. The custom scheme should be a unique, all lowercase value with no special characters. To use Android App Links, set this value to `"https"`. |
 
 **Note:** When using `customScheme: "https"` for Android App Links, the plugin will automatically add `android:autoVerify="true"` to the intent-filter in your Android manifest to enable automatic verification of App Links.

android/src/main/java/com/auth0/react/A0Auth0Module.kt

@@ -4,6 +4,7 @@ import android.app.Activity
 import android.content.Intent
 import androidx.fragment.app.FragmentActivity
 import com.auth0.android.Auth0
+import com.auth0.android.result.APICredentials
 import com.auth0.android.authentication.AuthenticationAPIClient
 import com.auth0.android.authentication.AuthenticationException
 import com.auth0.android.authentication.storage.CredentialsManagerException
@@ -290,6 +291,46 @@ class A0Auth0Module(private val reactContext: ReactApplicationContext) : A0Auth0
         promise.resolve(secureCredentialsManager.hasValidCredentials(minTtl.toLong()))
     }
 
+    @ReactMethod
+    override fun getApiCredentials(
+        audience: String,
+        scope: String?,
+        minTtl: Double,
+        parameters: ReadableMap,
+        promise: Promise
+    ) {
+        val cleanedParameters = mutableMapOf<String, String>()
+        parameters.toHashMap().forEach { (key, value) ->
+            value?.let { cleanedParameters[key] = it.toString() }
+        }
+
+        UiThreadUtil.runOnUiThread {
+            secureCredentialsManager.getApiCredentials(
+                audience,
+                scope,
+                minTtl.toInt(),
+                cleanedParameters,
+                emptyMap(), // headers not supported from JS yet
+                object : com.auth0.android.callback.Callback<APICredentials, CredentialsManagerException> {
+                    override fun onSuccess(credentials: APICredentials) {
+                        val map = ApiCredentialsParser.toMap(credentials)
+                        promise.resolve(map)
+                    }
+
+                    override fun onFailure(e: CredentialsManagerException) {
+                        val errorCode = deduceErrorCode(e)
+                        promise.reject(errorCode, e.message, e)
+                    }
+                }
+            )
+        }
+    }
+
+    @ReactMethod
+    override fun clearApiCredentials(audience: String, promise: Promise) {
+        secureCredentialsManager.clearApiCredentials(audience)
+        promise.resolve(true)
+    }
     override fun getConstants(): Map<String, String> {
         return mapOf("bundleIdentifier" to reactContext.applicationInfo.packageName)
     }

android/src/main/java/com/auth0/react/ApiCredentialsParser.kt

@@ -0,0 +1,22 @@
+package com.auth0.react
+
+import com.auth0.android.result.APICredentials
+import com.facebook.react.bridge.Arguments
+import com.facebook.react.bridge.ReadableMap
+
+object ApiCredentialsParser {
+
+    private const val ACCESS_TOKEN_KEY = "accessToken"
+    private const val EXPIRES_AT_KEY = "expiresAt"
+    private const val SCOPE_KEY = "scope"
+    private const val TOKEN_TYPE_KEY = "tokenType"
+
+    fun toMap(credentials: APICredentials): ReadableMap {
+        val map = Arguments.createMap()
+        map.putString(ACCESS_TOKEN_KEY, credentials.accessToken)
+        map.putDouble(EXPIRES_AT_KEY, credentials.expiresAt.time / 1000.0)
+        map.putString(SCOPE_KEY, credentials.scope)
+        map.putString(TOKEN_TYPE_KEY, credentials.type)
+        return map
+    }
+}

android/src/main/oldarch/com/auth0/react/A0Auth0Spec.kt

@@ -51,6 +51,20 @@ abstract class A0Auth0Spec(context: ReactApplicationContext) : ReactContextBaseJ
     @DoNotStrip
     abstract fun clearCredentials(promise: Promise)
 
+    @ReactMethod
+    @DoNotStrip
+    abstract fun getApiCredentials(
+        audience: String,
+        scope: String?,
+        minTTL: Double,
+        parameters: ReadableMap,
+        promise: Promise
+    )
+
+    @ReactMethod
+    @DoNotStrip
+    abstract fun clearApiCredentials(audience: String, promise: Promise)
+
     @ReactMethod
     @DoNotStrip
     abstract fun webAuth(

eslint.config.mjs

@@ -36,7 +36,14 @@ export default defineConfig([
   // TypeScript-specific configuration for type-checked rules
   {
     files: ['**/*.ts', '**/*.tsx'],
-    ignores: ['**/__tests__/**', '**/__mocks__/**', '**/*.spec.ts', '**/*.spec.tsx', '**/*.test.ts', '**/*.test.tsx'],
+    ignores: [
+      '**/__tests__/**',
+      '**/__mocks__/**',
+      '**/*.spec.ts',
+      '**/*.spec.tsx',
+      '**/*.test.ts',
+      '**/*.test.tsx',
+    ],
     languageOptions: {
       parserOptions: {
         project: true,

example/src/navigation/MainTabNavigator.tsx

@@ -5,11 +5,13 @@ import { createBottomTabNavigator } from '@react-navigation/bottom-tabs';
 import ProfileScreen from '../screens/hooks/Profile';
 import ApiScreen from '../screens/hooks/Api';
 import MoreScreen from '../screens/hooks/More';
+import CredentialsScreen from '../screens/hooks/CredentialsScreen';
 
 export type MainTabParamList = {
   Profile: undefined;
   Api: undefined;
   More: undefined;
+  Credentials: undefined;
 };
 
 const Tab = createBottomTabNavigator<MainTabParamList>();
@@ -31,6 +33,7 @@ const MainTabNavigator = () => {
         component={ProfileScreen}
         // You can add icons here if desired
       />
+      <Tab.Screen name="Credentials" component={CredentialsScreen} />
       <Tab.Screen name="Api" component={ApiScreen} />
       <Tab.Screen name="More" component={MoreScreen} />
     </Tab.Navigator>