I am very new to this. Forgive my igorance.
I have created a “Regular Web Application”.
I authenticate with auth0Client.loginWithRedirect() in javascript.
This works and invokes my Java backend callback.
I see no cookies of interest.
I recieve two parameters:
code and state.
I attempted to access the userinfo by using the auth API
AuthAPI auth0 = new AuthAPI(domain,clientid, secret);
Then:
TokenHolder holder = auth0.exchangeCode(code, redirectUri)
.execute();
code comes from parameter and redirectUri is the callback.
I get this error:
com.auth0.exception.APIException: Request failed with status code 400: Parameter ‘code_verifier’ is required
I don’t know what to do with the state parameter.
I am using “Authorization Code” grant type. I have tried turning on various grant types. Nothing seems to change callback behaviour
I downloaded and deployed the “Regular Web App” quick start. It works and runs. It gives me a:
Hello
Then a long hexadecimal string.
I examined the code. I do not see it accessing user info.
I found other posts but I did not see any clear resolution.