Process Authorization Response
Once authentication is requested, BindID redirects to the redirect URI provided by the client and encodes the response in the URI, as per the OIDC standard. The client SDK should be used to parse the response (e.g., to extract the authorization code). The redirect page should include the
processRedirectResponse() SDK method (see the API reference), but only after invoking the
initialize() SDK method. This will return the OIDC authorization code that will be used to obtain the ID token for the user (see Get User Identity and Trust).
Here’s an example of invoking the
processRedirectResponse() SDK method to process the authentication result:
The functions in the snippet above should be implemented as follows:
sendAuthCodeToServershould send the authorization code received upon successful authentication to your server, where it will be processed to retrieve user info.
handleErrorshould respond to an authentication error, possibly by presenting a suitable message to the user.
Note: If you’re not using the BindID SDK but implementing the OIDC standard directly, you should make sure that the
state parameter you received in the response matches the
state value that was sent in the request.