New to the service and trying to figure out a seemingly simple workflow. I have 5 standalone web pages, just plain HTML, JS, CSS. They just have links referencing each other, no front-end server, noback-end, no concept of state.
I am trying to implement passwordless authentication using the lock widget since it seems to be the easiest route. I can trigger the appearance of the lock, users can submit their email address and get the email, and when they click on the link they get redirected to my main page.
Here is my question:
- How do I validate the user still has a valid auth0 session/token once they have been redirected to my app from the email? I see a “code” & “state” in the URL search string but that doesn’t map to an auth token so I can’t place a getUserInfo() call. I need some identified to place further calls. Having stand alone pages i don’t understand how i could be listening to an event. Any guidance would be appreciated.