I’m using a facebook only login system. I’m using the following login flow.
- On clicking the login button, client(Vuejs) redirects to a page rendered directly from the server.
- Server shows the Auth0 login page, gets the user and makes a JWT.
- Server redirects to the client page with JWT as query Params.
Issue that I am facing: As sending the token through query params is not very secure I want to know is there a way in which I could send(from client) some kind of code or token to Server, get it validated by the server and get in return a JWT in the response.
I could think of how to achieve this when I am using username and password, but with Auth0 Facebook login, I am not sure what I should be sending in the AJAX call to my server.
Any help would be highly appreciated.