Not receiving ID token in the redirected response URL

Hi,

I have been trying to use auth0-js to solve a few of my sign-up and login flow requirements. I was trying to do login using the below code snippet which authenticates and redirect back with access_token in response redirect URL but, I’m not sure about 2 things here.

  1. Why I’m not receiving the ID_Token as part of the response URL?
  2. Who has to manage the session? Should I manage it on my own or Auth0 will set the session?

My login code snippet for ref:
export const auth = new auth0.WebAuth({
clientID: AUTH0_CLIENT_ID,
domain: AUTH0_DOMAIN,
scope: “openid email profile”
})

auth.login({
username: user.email,
password: user.password,
realm: “‘Username-Password-Authentication’”,
redirectUri: AUTH0_LOGIN_REDIRECT_URI,
responseType: “token”,
nonce: “1234567”,
state: “1234567”
}

Sample redirect response: https://localhost:3000/authenticate#access_token=“{some_token}”&scope=openid%20profile%20email&expires_in=7200&token_type=Bearer&state=1234567

Thanks,
Vivek P N

Hey there @vivekmanu4343!

  1. The responseType will need to include id_token in addition to token as is documented here.

  2. It depends on your particular use case and which session you are referring to - Please see our documentation on sessions here.

Thanks for the update.

The session which I’m referring to is the application session which is set by Auth0. In case of login flow with auth-js, I don’t see the session being set so, how do I handle the session?

Hey there @vivekmanu4343 I apologize for the delayed response, but wanted to get back to you on this one.

It really depends on your use case, but perhaps the following blog post will help with possible approaches: