This new Token Vault capability allows Client Applications to obtain access tokens from third-party APIs (resource servers), through an authorization flow that is coordinated by a common Identity Provider implementing the Identity Assertion Authorisation Grant standard. This new standard enables requesting applications such as AI Agents to obtain access tokens where user consent is managed by policy at the Identity Provider.
To evaluate the Requesting App for Cross App Access, please contact Auth0. For more details, see the product documentation.
Fetched April 18, 2026