laardee / serverless-authentication-boilerplate

Generic authentication boilerplate for Serverless framework
http://laardee.github.io/serverless-authentication-gh-pages
MIT License

Using the authorization_token for authenticated requests #18

Closed james-oldfield closed 7 years ago

james-oldfield commented 7 years ago

Hey there!

Thanks for the work on this project, it's great. Just one quick noob question!

After successfully authenticating with a 3rd party OAuth service and receiving a 224-character authorization_token, how do I go about then using this to make authenticated requests to the third party's API? For example, getting the authenticated user's profile data.

Cheers for all your work and help!

J.

laardee commented 7 years ago

Hi @James-Oldfield and thanks. The authorization_token that is returned to the front-end is for authorizing API requests. To access a 3rd party API you need to use another token, but that is fetched along with the user profile in the authentication flow.

The profile that is fetched contains the following fields (maybe not all, but those that the user has filled). If you need to use the authorization token for 3rd party APIs, you can use the at_hash field for that. If you only need the user's profile, there is an example userStorage which you can use to save the profile to a database or Cognito. The userStorage file is left intentionally quite empty so that developers can use the DB they prefer. The saveUser function is called in the callback handler, line 89.

Then you can make a new endpoint for fetching the profile to the front-end.
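A sketch of the profile endpoint described in the comment above, as an added example that is not part of the comment or the project's own code. It returns the saved profile to the front-end while keeping at_hash server-side, and takes the user id only from the authorizer context. Assumptions: the in-memory store, the saveUser signature, the profile field names other than at_hash, and the API Gateway Lambda proxy event shape.

```javascript
// Added example: hypothetical profile endpoint, not the boilerplate's own code.
// In-memory stand-in for userStorage (a real one would use a database or Cognito).
const users = new Map();

// Plays the role of the saveUser call mentioned above; this signature is an assumption.
function saveUser(profile) {
  users.set(profile.userId, { ...profile });
}

// at_hash is the field the comment above points to for 3rd party API calls,
// so it stays on the server and is never sent to the browser.
const SERVER_ONLY_FIELDS = ['at_hash'];

function publicProfile(profile) {
  const copy = { ...profile };
  for (const field of SERVER_ONLY_FIELDS) delete copy[field];
  return copy;
}

function json(statusCode, body) {
  return {
    statusCode,
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(body),
  };
}

// Assumption: Lambda proxy integration, where the custom authorizer that
// validated authorization_token exposes the caller as principalId.
// The user id is never read from the query string or request body.
function profileResponse(event) {
  const ctx = (event && event.requestContext && event.requestContext.authorizer) || {};
  if (!ctx.principalId) return json(401, { error: 'unauthorized' });
  const profile = users.get(ctx.principalId);
  if (!profile) return json(404, { error: 'profile not found' });
  return json(200, publicProfile(profile));
}

// Lambda entry point; export this as the function's handler in a real service.
const handler = async (event) => profileResponse(event);

// Constructed sample data.
saveUser({
  userId: 'constructed-user-1',
  name: 'Sample User',
  email: 'sample@example.com',
  at_hash: 'constructed-provider-token',
});
```

Server-side code that needs to call the provider can still read at_hash from the stored record; only the response to the front-end omits it.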

james-oldfield commented 7 years ago

Amazing, thanks so much for your help @laardee !