the problem is that when i use the session token it doesn’t validate
as it says it doesn’t match the previous session token - i don’t understand how to decode it and make it match
here is the tokens i am sending:
the encoded token received by the checkout.tsx:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MDA2ODQ5MTcsImlzcyI6InNlYXJjaGVjb21tLnVzLmF1dGgwLmNvbSIsInN1YiI6ImF1dGgwfDY1NTU5NzNlMjFkODcyYzMwYTdhOTM2ZiIsImV4cCI6MTcwMDY4NTgxNywiaXAiOiIyNjAwOjg4MDI6MTkwMTo1YjAwOjZkMTE6MTQ3YjpmYTYwOjU2N2EiLCJjdXN0b21lcklkIjoiY3VzX1AweXdpMGtaNzFSRUVQIn0.K1V3GeyxCvq4KrPC5MGeA0HurG32HchwoD49NnbPWKQ
sent back token to /continue
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MDA2ODQ5MTcsImlzcyI6InNlYXJjaGVjb21tLnVzLmF1dGgwLmNvbSIsInN1YiI6ImF1dGgwfDY1NTU5NzNlMjFkODcyYzMwYTdhOTM2ZiIsImV4cCI6MTcwMDY4NTgxNywiaXAiOiIyNjAwOjg4MDI6MTkwMTo1YjAwOjZkMTE6MTQ3YjpmYTYwOjU2N2EiLCJjdXN0b21lcklkIjoiY3VzX1AweXdpMGtaNzFSRUVQIn0.K1V3GeyxCvq4KrPC5MGeA0HurG32HchwoD49NnbPWKQ
both jwt token are matching so when the same encoded token is sent back to the auth0 action and validated now with this logic
let decodedToken;
decodedToken = api.redirect.validateToken({
secret: event.secrets.NEW_STATE,
tokenParameterName: 'session_token',
});
and sent to the user like this
const sessionToken = api.redirect.encodeToken({
secret: event.secrets.NEW_STATE,
payload: {
customerId: event.user.app_metadata.stripe_customer_id,
},
});
....
api.redirect.sendUserTo('https://www.**************.com/checkout', {
query:
{
session_token: sessionToken,
redirect_uri: `https://***********.us.auth0.com/continue`,
customer_id: event.user.app_metadata.stripe_customer_id
},
});
is there any reason why the code isn’t able to validate the token?
thanks again @thameera