Auth0 Home Blog Docs

Retrieve the API code from the 302 return link

In response to this sentence:
Now that you have an Authorization Code, you must exchange it for an Access Token that can be used to call your API. Using the Authorization Code ( code ) from the previous step

from this link https://auth0.com/docs/api-auth/tutorials/authorization-code-grant

How can I extract the code that is returned in the http 302 response.

I am using C#.

I can achieve my results using a browser, copy and paste the code from the resulting link, use that in a POSTMAN session and authenticate.

I just cant seem to work out how to get that API code returned within my code.

Any help greatly appreciated.

Thanks

1 Like

Hi @darrylw Welcome to Auth0 Community

Without knowing how you have implemented callback url it is hard to give more accurate suggestion but basically your callback url will be a server-side url that can receive a request with a code param that you can exchange for an accessToken.

I’m not sure if you have looked at our ASP .net Core 3.0 quickstart but I would highly recommend starting there to follow best practice for implementing Auth0 login https://auth0.com/docs/quickstart/webapp/aspnet-core-3#configure-callback-urls

Hi Ashish

Thanks so much for your response. I have worked through the ASP .net Core 3.0 quickstart, but unfortunately I am restricted to using DotNet Framework 4.7.1 due to other application dependencies.

I have a fairly simple WPF application that needs to upload a file to my API. I have tested the functionality without authorization and that works fine.

I seem to have narrowed down my issue to the following:
Referring back to the link [https://auth0.com/docs/api-auth/tutorials/authorization-code-grant ]

Using a url string based on the following:

"<"a href=“https://YOUR_DOMAIN/authorize?scope=appointments%20contacts&audience=appointments:api&response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=https://YOUR_APP/callback”>
Sign In

When I enter that using Chrome (or any other browser) where I am AUTHENTICATED it returns the code
(It has two returns a 200 ok and 302 found). I can manually read the code from this link.

In my code however, when I send the same URL the endpoint does not know I am authenticated. So I must be structuring the url request incorrectly or not including either the access_token or id_token.

Perhaps an example of how to structure this request in C# would be helpful.

Thanks

I managed to resolve my issue.

Structuring the LoginAsync request this way:

var loginResult = await client.LoginAsync(new { audience = “<API Audience>” });

This returns an Access_Token for the API. I can then use this Access_Token to access my API.

Credit is due to this site: https://auth0.github.io/auth0-oidc-client-net/documentation/advanced-scenarios/api-authorization.html

Darryl

1 Like

Glad you have it working now and thanks for sharing with the rest of community!

1 Like