I am using auth0 in my desktop application using electron js.
I have made the login process in such a way that when user clicks on
login it opens the login page in my web app, in that it redirects to the /autorize using react sdk.
and when the callback is received, i want to send the same auth_code to my electron js so it gets logged in.
But instead i got to know that it cant done that way because authz code is one time use only.
Please help me in here
Hi @amiralam,
Thanks for reaching out to the Auth0 Community!
Yes, your observation is correct. The authorization code is by specification one-time use only.
Reference: RFC 6749 - The OAuth 2.0 Authorization Framework.
Please let us know if you have any additional questions.
Thanks,
Rueben
Yes, I issued a authorizarion code using auth0 react sdk, and i am passing that authz code back to my desktop app using deeplink, it;s asking for code_verifier, but i didnt passed any