Auth0 Home Blog Docs

Implicit Grants with Auth0.js

Currently I’ve written my SPA’s auth code with auth0 totally from scratch, not using any of the recommended APIs. I’m using the implicit grant flow so I can sign requests with the JWT access token from auth0 in HTTPS requests up to my third party API to verify the user sending them is a real user.

I’d like to move to auth0.js so I can get checkSession() and properly/silently refresh the SPA’s login tokens without disrupting the user. That whole workflow is clear. What I cannot figure out is how do I get the access token out of auth0.js to send to my API server?

I’ve read https://auth0.com/docs/libraries/auth0js/v9 but don’t see anything relevant.

When you do checkSession(), you provide a callback function to receive the authentication results. E.g.:

webAuth.checkSession({}, function (err, authResult) {
  if (err) {
    console.log(err); // something went wrong.
  } else {
    // authResult will contain the accessToken, its
    // expiration (expiresIn), the idToken if applicable,
    // state and other values.
    // see https://github.com/auth0/auth0.js/blob/7af18eed4ea587e1e09a77ed69188d6b7e17171c/src/web-auth/index.js#L311-L323
    // for possible values that you might get here
    var renewedAccessToken = authResult.accessToken;
});

Does that help?

1 Like

That’s exactly the answer I was looking for, thank you so much!

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.