I am currently facing an issue with integrating the Auth0 workflow into my system. Let me explain the situation. I have two separate projects, a backend written in Django and a front-end built with Vue.js. I have successfully integrated Auth0 on the server-side of my backend. Now, I need to find a secure way to redirect the user to the front-end website after they have logged in. Additionally, I want to ensure that the tokenId is securely stored in the user’s localStorage so they can include it in the header of their requests to our backend.
Initially, I attempted to use the callback URL from our backend to redirect the user to the frontend by including the idToken in the URL, like this: https://{front_url}/projects?token={access_token}. However, I have come to realize that this approach is not secure.
I am now seeking a solution that will allow me to securely redirect the user to our front-end page while securely sending the token. Can you provide any guidance or suggest an alternative approach?