In hybrid flow docs
https://auth0.com/docs/authorization/flows/call-api-hybrid-flow
there is example of code for node js
but is incorrect, because for cURL we have
So on request catcher we can see difference This is correct request body [ from cURL ]
.
and this is request body from node js axios example
So instead of object in “data” key of axios we should use this code to fix it:
const options: AxiosRequestConfig = {
method: 'POST',
url: `https://${AUTH0_DOMAIN}/oauth/token`,
headers: {'content-type': 'application/x-www-form-urlencoded'},
data: new URLSearchParams([
['grant_type', 'authorization_code'],
['client_id', AUTH0_CLIENT_ID],
['client_secret', AUTH0_CLIENT_SECRET],
['code', cred.code],
['redirect_uri', `http://${HOST}/callback`]
]).toString()
};
I tested it and this exemplary option works, but options from example in docs give incorrect body format ignoring application/x-www-form-urlencoded
type.