External Token Connectors
External Token Connectors in Descope enable hybrid authentication by allowing you to generate custom tokens at the end of authentication flows. These connectors allow you to keep using your existing token format and infrastructure—whether it's Firebase, Supabase, or a custom token format—while leveraging Descope Flows for identity orchestration.
How External Token Connectors Work
External Token Connectors are configured in the Connectors page and generate tokens at the end of authentication flows. When a flow completes:
- The configured token connector is invoked automatically
- The connector generates a token in the format you've configured (Firebase, Supabase, or custom)
- The external token is included in the authentication response alongside Descope's session tokens
- Your backend can use the external token for authorization and integration with existing services
You can configure external tokens at the project level (default for all flows) or at the flow level (unique token per flow). This allows you to generate different tokens for different flows, such as different Firebase projects depending on which flow is executed.
For more information on configuring external tokens, see External Token.
The external token is returned in the authentication response's externalToken field, allowing your application to seamlessly integrate with existing services that expect tokens in your current format.
Available External Token Connectors
Descope supports External Token Connectors for various platforms and custom token formats. Each connector is configured through the Connectors page in the Descope Console.