Hey, I’ve tried for a few days now to find the right approach to solving my problem - but just can’t get it right - this is my situation:
I have a Flutter SPA as frontend (running on Server A), which I want to use to access my backends REST-APIs (running on Server B, Node.js App using express)
I want to authenticate my user when accessing the backend
What I did so far:
- I followed the quick start guide for setting up my Flutter SPA, which works fine, I end up with credentials.AccessToken and credentials.idToken
At this point I don’t understand how I can use these Tokens to make authenticated requests to my backend and how my backend can handle received tokens.
I’ve already come across the Authorization Code Flow with Proof Key for Code Exchange (PKCE) which seems to be more up to what I’m trying to do. But I can’t really figure out how to apply these steps to my applications architecture. Also it seems that some of theses steps are not applicable to the provided Auth0 Flutter and Express SDKs.
Maybe I am just totally in the wrong direction with my approach here - but I could really need help getting in the right direction here for my setup.
Thanks for your help!