How to get the authorisation code from the redirect after verifying state?

The response type code is supported, however, in my redirect callback, I am unable to get the authorisation code via parseHash function.

I want to get the auth code so that I can send it to my API which can then exchange it for an Open ID token. After that, I would like to use regular cookies to maintain a session between my SPA and my API layer.

Any ideas on what is the easiest way to extract the auth code from the callback URL whilst also being able to verify state?


Hi @rishabh_poddar,

The parseHash function of auth0js uses the implicit grant, there is no auth code. This doc has code samples of how to get a code.