Implicit Grants with Auth0.js

Currently I’ve written my SPA’s auth code with auth0 totally from scratch, not using any of the recommended APIs. I’m using the implicit grant flow so I can sign requests with the JWT access token from auth0 in HTTPS requests up to my third party API to verify the user sending them is a real user.

I’d like to move to auth0.js so I can get checkSession() and properly/silently refresh the SPA’s login tokens without disrupting the user. That whole workflow is clear. What I cannot figure out is how do I get the access token out of auth0.js to send to my API server?

I’ve read Auth0.js v9 Reference but don’t see anything relevant.

When you do checkSession(), you provide a callback function to receive the authentication results. E.g.:

webAuth.checkSession({}, function (err, authResult) {
  if (err) {
    console.log(err); // something went wrong.
  } else {
    // authResult will contain the accessToken, its
    // expiration (expiresIn), the idToken if applicable,
    // state and other values.
    // see https://github.com/auth0/auth0.js/blob/7af18eed4ea587e1e09a77ed69188d6b7e17171c/src/web-auth/index.js#L311-L323
    // for possible values that you might get here
    var renewedAccessToken = authResult.accessToken;
});

Does that help?

1 Like

That’s exactly the answer I was looking for, thank you so much!

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.