i am a relatively new developer and i am trying to add authentication to my SPA(React.js) + node.js app. I am struggling to get the authentication flow sorted out. The quoick start seems o make is as east as matching auth token with the HTTP request sent to the back end. This is not working in my app. I noticed that in the hello-world spa and matching node server that there is an apiServerUrl.js file and an external-api-service.js file. this is not mentioned or references tin the documentation. or if it is i didn’t see it.
Hi @tyf. Tank you for the link. I have followed a few different quick starts. What I am struggling with is the implementation of the bearer token being passed to my backend. It seems like the quick start is authenticating the SPA fine and also adding the auth functionality to my server, which I get. But there is almost no mention of the bearer token being attached to the headers. or if it is its very vague. If i am just supposed to know that or its out of Okta’s domain, that fine. But it feels unclear.
It varies depending on the SDK, but at the end of the day it’s really just using an access token - This is done by including the token as a bearer credential in an HTTP authorization header. For example, using fetch in node.js: