Process Authorization Response

Once authentication is requested, BindID redirects to the redirect URI provided by the client and encodes the response in the URI, as per the OIDC standard. Use the client SDK to parse the response (e.g., to extract the authorization code). The redirect page should call the processRedirectResponse() SDK method (see the API reference), but only after invoking the initialize() SDK method. processRedirectResponse() returns the OIDC authorization code, which is used to obtain the ID token for the user (see Get User Identity and Trust).

Here’s an example of invoking the processRedirectResponse() SDK method to process the authentication result:

<body>
  <script>
    function sendAuthCodeToServer(authCode) {
      // Add code to send the authCode to your application server here
    }
    function handleError(err) {
      // Add code to process the authentication error here
    }
    // initialize() must already have been invoked on this page (see above)
    window.XmBindId.processRedirectResponse()
      .then(
        res => { sendAuthCodeToServer(res.code); },
        err => { handleError(err); }
      );
  </script>
</body>

The functions in the snippet above should be implemented as follows:

  • sendAuthCodeToServer should send the authorization code received upon successful authentication to your server, where it will be processed to retrieve user info.
  • handleError should respond to an authentication error, possibly by presenting a suitable message to the user.

Note: If you’re not using the BindID SDK but implementing the OIDC standard directly, you should make sure that the state parameter you received in the response matches the state value that was sent in the request.
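
The state check described in the note above, as an added example (not BindID SDK code and not from the original page). It assumes the response parameters arrive in the query string of the redirect URI; the function names, result shape and sample URLs are hypothetical.

```javascript
// Added example: validating an OIDC authorization response without the SDK.
// All names and sample values here are constructed for illustration.

// Compare two strings without stopping at the first differing character.
function sameString(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// redirectUrl: the full URL the browser was redirected to.
// expectedState: the value saved (e.g. in sessionStorage) before the request was sent.
function parseAuthorizationResponse(redirectUrl, expectedState) {
  const params = new URL(redirectUrl).searchParams;
  // Reject repeated parameters so a second state or code cannot shadow the first.
  for (const name of ['state', 'code', 'error']) {
    if (params.getAll(name).length > 1) return { ok: false, reason: 'duplicate_' + name };
  }
  // Check state first: a response that fails this check is not ours,
  // so neither its code nor its error should be acted on.
  if (!expectedState || !sameString(params.get('state'), expectedState)) {
    return { ok: false, reason: 'state_mismatch' };
  }
  if (params.has('error')) {
    return { ok: false, reason: 'provider_error', error: params.get('error') };
  }
  const code = params.get('code');
  if (!code) return { ok: false, reason: 'missing_code' };
  return { ok: true, code };
}

// Constructed sample input: one matching response, three that must be rejected.
const SENT_STATE = 'f3a9c1d27b';
const BASE = 'https://app.example/redirect';
const samples = [
  BASE + '?code=abc123&state=f3a9c1d27b',
  BASE + '?code=abc123&state=0000000000',
  BASE + '?code=abc123',
  BASE + '?error=access_denied&state=f3a9c1d27b',
];
for (const url of samples) {
  console.log(url, JSON.stringify(parseAuthorizationResponse(url, SENT_STATE)));
}
```

In a browser, pass window.location.href and the state saved before the request, and delete the saved state after the check so it cannot be reused.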