Getting the Token ID

I’m using the Realm SDK Google Auth RedirectURI. I’m getting the user data, accessToken, and refreshToken. What I’m not getting is the tokenId so that I can validate the session with my backend API.

I was using react-google-login with Mongo Anonymous login. I could use that tokenId to validate the session. I can’t seem to accomplish the same thing with Realm SDK redirect. I would have passed the AuthCode to Realm SDK, but that doesn’t work either based on this post.

My frontend is ReactJS. The backend is NodeJS. Here’s what I’m trying to accomplish.

Login Snippet:
const credentials =;
const user = await app.logIn(credentials);

Redirect Snippet:

fetch(url, { method, headers, body: {, tokenId} });

const client = new OAuth2Client(CLIENT_ID);
const ticket = await client.verifyIdToken({
idToken: token,
audience: CLIENT_ID,

First off - welcome to the forum :slight_smile:
and thanks for your patience on this.

The access and refresh tokens that are available on a user instance after authentication are JWT which are scoped to MongoDB Realm and as such, we don’t provide the public key to validate their authenticity, making it impossible to pass these to your backend to verify them.

One way to authenticate with Google OAuth 2.0 and get access to the idToken for your backend component is to use the Google Platform Library (or alternatively the React library react-use-googlelogin which provides a React hooks API around it) to sign in. Once authenticated you can use the getAuthResponse method on the User returned from the Google Playform Library (or simply the idToken property on the user in case you use the react-use-googlelogin package) to get the OpenID Connect ID Token.

This token can be used when authenticating towards MongoDB Realm (via as of Realm Web v1.1.0 which will be released shortly.

I hope that we’ll be able to make a detailed example app or guide available soon, outlining the steps required to get Google OAuth via OpenID Connect setup correctly.

Please let me know if I need to dive deeper into some part of my answer above :+1:
Happy coding!

1 Like

FYI: Realm Web v1.1.0 with support for passing in the OpenID Connect id token was just released.

import { Credentials } from "realm-web";
const credentials ="google-id-token-goes-here");

Awesome timing. Thanks!

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.