I’m trying to implement a flow to link user accounts, and I’m trying to initiate this on the client side.
When calling the Authorization endpoint /authorize
, the user is able to log in, but after the user is redirected, the parameters are inserted into the URL in a weird format.
Rather than using a ‘?’ like you’d expect, the parameters are put after a ‘#’. This is subsequently making it difficult to parse the returned access_token and other parameters because none of the standard tools and libraries recognize all of the content after the ‘#’ as being query parameters.
This is the format that I’m seeing in the address bar:
http://localhost:3000/settings#access_token=REDACTED&expires_in=7200&token_type=Bearer&state=REDACTED
.
I don’t mind parsing these values myself, but there’s gotta be a cleaner method?