Hi!
When clicking on sign in link in the email sent by Passwordless I would like to get the returned data in the query string instead of the fragment.
I.e now I get
http: //my-domain-and-path # access_token=…
But would like to get
http: //my-domain-and-path ? access_token=…
This way I could verify the token directly instead of needing to scrape it and send it to back-end as xhr.
Thanks! 
From: javascript - Auth0 - Callback URL never called - Stack Overflow
The id_token and access_token are
returned on the hash fragment when
you’re using a response type of token.
This is aimed for browser-based
applications that as a consequence
have access to the URL fragment.If your application is a traditional
server-side web application you should
be using the code response type so
that an authorization code is sent to
your server-side as part of the query
string. Then on the server-side you
can issue a request to exchange this
code for the actual tokens.
Yup, explicitly setting “responseType” to “code” when doing new auth0.WebAuth(...) solved it, thank you!