Auth0 Home Blog Docs

NodeJS - Execute an authorization grant

nodejs

#1

Question:
I the doc, section titled “Execute an authorization grant flow”, the first step is to get the User’s Authorization.
The doc, states “To begin an Authorization Code flow, your web application should first send the user to the authorization URL: etc”.
My appologies if this question is a basic nodejs development related one, but how do you do that in nodejs? Are we talking to make a http POST request to the URL?

Thanks!
Charlie


#2

DId you try our nodejs quick starts? https://auth0.com/docs/quickstart/webapp/nodejs/01-login


#3

Yes, I reviewed and tested the code you referenced. But this code doesn’t execute an authorization grant flow, as per my initial question.
C-


#4

This quick start uses express + passport.js to initiate this flow. That code is well encapsulated. This is the exact line that does this with middleware:

This is how it works. When the server is spun up it configures passport.js with the passport-auth0 strategy. When calling the login endpoint it checks the session for a valid/authenticated user. If one doesn’t exist that endpoint will redirect the user to the /authorize endpoint to trigger Authorization Code Flow.

Then after the user successfully logs in Auth0 will redirect the user back to here:

This also uses passport.js middle ware to do the code exchange. It is actually using the auth0 strategy as well to do the state validation and code exchange. You can see how passport and the auth0 strategy are configured here:


#5

Yes, it does.
This part, actually says that you should redirect your user to the /authorization endpoint, which is what our quick start does here.