I have a Php site and I am using the SPA example with the Universal Login. All works fine. I can login with email and password or with any configured social network
When user login, I got a code and state via GET. My question is this:
How can I use that code/state in Php so I can obtain user info, update info, or something ?
I’m able to do that with the javascript part, but I want it with Php
The auth code is not meant to be shared between your frontend and backend. That is the purpose of the Access Token. Is there a reason why you aren’t using the AT?
After my last upodate, I search and test a lot of things. As I said, I can’t use the SDK because the server doesn’t fit the requirements, so I was thinking in using the API directly
Changed the login link to https://{DOMAIN}/authorize and then I send the retrieved code to https://{DOMAIN}/oauth/token and now I got the access_token
I have strugglin with composer, SDK, grant types, PKCE, code verifier, audience, managment API, machine to machine, native web or PSA, and stuff I don’t remember anymore. Dunno why is there so many options/ways
The next step is get the user info… seems the grant_type must be client_credentials instead of authorization_code, but then I got an error with audience. Will try in a few hours
Hope there is a sample/doc that uses API directly. I’m working with Php and Curl
Btw, is there a way to combine users? Currently Auth0 creates a different user when sigin with different social networks but the email is in fact the same
Are you building a SPA? Typically, a PHP app would be more like a Regular Web App.
Why can’t you use an SDK? Most of the things you are struggling with here are not Auth0 concepts, but rather, they are parts of the OAuth2.0/OIDC protocol, which Auth0 didn’t create.
One of the benefits of Auth0 is that you don’t have to have a expert understanding of the protocols to implement them. By not using an SDK, you are mostly negating that benefit.
Yep, is a Regular Web App, but when I was looking for examples, all point to the Php SDK, So I tried the SPA and then works, the first step
Can’t use the SDK because the server is a little old and has many projects, so can’t upgrade Php to version 8
I don’t mind using Rest/API, I have used Facebook, Messenger. Whatsapp, Slack, Twittter, Paypal, Apple, Amazon, even Oauth directly a few years ago, and many others. This is one of the first time I have, let’s say, issues with some technology
In fact, I can login/signin users via Social media on my own, but my boss says must use Auth0, mainly to avoid wasting time on updating code everytime a social network change something. Of course, we plan to pay one of the plans
Sorry if I sound rude, I can’t express myself properly because english is not my native language
I just looking for help, don’t want somebody to do the work for me. Just a guide on where or what to search
Want to login/register - I’m able to do that with /autorize
I can obtain the access_token using the /oauth/token
Need to obtain name, email, type of login (auth, social)
Later, will deal on how to refresh the token and other stuff
I’m thinking on this: If I’m able to login/register a user and got a code/state, why can’t just simply call some Auth0 API to obtain the info? Why do I need to deal with Oauth?
