How to use the authorization code from auth0 with my API after redirect

1
votes

I'm building a SaaS project that requires authentication (duh!) and for that I am using Auth0. I've managed to the steps detailed here successfully.

Code from above link:

https://YOUR_DOMAIN/authorize?
response_type=code&
client_id=YOUR_CLIENT_ID&
redirect_uri=https://YOUR_APP/callback&
scope=SCOPE&
audience=API_AUDIENCE&
state=STATE

But I'm not sure what to do when I redirect to the redirect_url (here my dashboard url, e.g: dashboard.example.com). I mean I don't know how to use this code.

I get the code appended to url after redirect, so I think everything's working, but am not sure how to use it further to populate the dashboard with user details and retrieve content.

Do I use my API endpoint here instead of the dashboard url?

Hope my question is clear.

Any help would be wonderful! Thanks in advance!

Edit:

I am using Universal Login, not using any SDK as of now.

1
auth0
If I understand correctly, I would call the API with the code to retrieve and store the tokens and use that for consequent calls to the api. But I'm not sure how to.guidingfox

1 Answers

1
votes

After you receive the code you will exchange it for tokens via the POST /oauth/token endpoint.

Here is an example code exchange request from the Authentication API docs

POST https://YOUR_DOMAIN/oauth/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code&
client_id=YOUR_CLIENT_ID&
code_verifier=CODE_VERIFIER&
code=AUTHORIZATION_CODE&
redirect_uri=https://YOUR_APP/callback

Then, you can use the ID token to populate your user's info, and the access token to retrieve other data from your backend API.