leastprivilege
commented
9 years ago you can read access tokens also from query strings -
The providers also work with the this access token middleware.
Closed remunda closed 9 years ago
leastprivilege
commented
9 years ago you can read access tokens also from query strings -
The providers also work with the this access token middleware.
remunda
commented
9 years ago Great. Thanks a lot.
Hi,
i have a question. What is the best approach for downloading files from SPA. Because i'm using bearer token authentication, i'm not able to simply open new window with url for download. Also i don't want to handle cookies in my SPA or downloading with AJAX. Is it good idea to open new window with authorization endpoint with post redirect to download URL? If so, can be used the endpoint/local validation to retrieve claims from the POST request exactly as for token in "Authorization" header?
Thanks alot for your advice