Im trying to get the framework working.
I can sucessfully login and forwarded to the callback url where im receiving tow parameters via get , state and code.
Now I dont know how to continue.
I would like to know who is successfully logged to provide its resources.
How can I convert those parameters: code and state in the user identity ?
Where can I read a little bit more?
Is there any working php example to look ?
Hi, @ingrogger. Thanks for reaching out.
You should check one of our quick starts and see if they cover your specific stack. On this page, if you search for “php”, you will find solutions for Laravel, Symfony, and even for some pure PHP approach (that might be applicable for other frameworks not covered so far).
If you say that you are getting a
state and a
code back from the authorization server (Auth0), then I will assume that you are building what we call regular web application (that is, a web app that handles routes and renders response on the server, not an API that is consumed by a SPA or a native app). In that case, the next thing you will need to do is to exchange the authorization
code for an access token.
The link I just referenced explains the steps needed to log users in and to fetch access tokens and id tokens (to get the latter you will need the right scopes). After fetching these tokens, you can either decode id tokens locally and validate it, or you can use access tokens consume the
/userinfo to fetch user profile.
If the short answer does not help you, would you mind clarifying what would be your scenario?
Dear bruno , thanks for you response.
You assumed well : Im building a regular web application.
I have been looking for some working php example about how to continue after getting the state and code tokens.
I dont know what to do with them , I need to exchange them for some util information in order to properly route and render the response.
If you can point some util example or reading documentation , i will apretiate it.
Dear Bruno , thanks for the links.
After following the “use access tokens the userinfo” link a got the info i was looking for.
Last question, why should I validate tokens ? is it a sucurity concern ?
Thanks for all!!!
Bruno , i got it !!!
Hey there, I’m glad you solved your issue. One question though: haven’t you used the quick starts we have around PHP? Like I mentioned, we have for Laravel, Symfony, and “generic” PHP frameworks.
These quick starts are supposed to be working samples with instructions on how to get make them work in your application.
Bruno , I tryied reading documentation but it is not easy for me to find what im looking for.
If you can point more php examples it would be great.
Have you checked the Auth0 quick starts for PHP? Don’t they cover what you are looking for? If not, what would be that?
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.