My use case: I would like to allow a user to sign in to my WordPress site, get a token for that user, add that token as a URL parameter to a link somewhere on that site, and then transfer them to another site (a Next.js app) where I would like to verify that token.
I am currently using the Auth0 Management API (the example code from the dashboard) and I’m just selecting my app and switching to PHP. Then, I’m taking the response and injecting it into the HTML header as a variable appended to the global window scope. Then I’m taking that variable, getting the access_token, and appending that to the href attribute on the link like so…
The URL from Auth0 Management API: https://dmholdingsinc.us.auth0.com/oauth/token
<a href="mynextsite.com?token=ACCESS_TOKEN_FROM_WORDPRESS">Log in to Next app</a>
The problem is that the token that I get gives me an invalid algorithm error when I try to verify() it.
JWT.io gives me
{
"e": "AQAB",
"kty": "RSA",
"n": "A_REALLY_LONG_TOKEN"
}
… in the Token Validation section when I go to test it.
How would I go about doing this?
Am I doing something wrong?
::UPDATE::
I am able to get the user’s data by searching by email, but now I can’t get an access token from Auth0 to send to my Next.js application.