Process Authorization Response

Once authentication is requested, BindID redirects to the redirect URI provided by the client and encodes the response in the URI, as per the OIDC standard. Use the client SDK to parse the response (e.g., to extract the authorization code). When using a front-end PKCE authorization flow, the application should call the exchangeToken() method to process the authentication result and retrieve the access and ID tokens. Here’s an example of invoking the exchangeToken() SDK method to process the authentication result:

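func exchange(response: XmBindIdResponse) {
    // Exchange the authorization code carried in the redirect response for tokens.
    let request = XmBindIdExchangeTokenRequest(codeResponse: response)
    XmBindIdSdk.shared.exchangeToken(exchangeRequest: request) { [weak self] (response, error) in
        if let e = error {
            // Authentication or token exchange failed.
            self?.handleError(error: e)
        } else if let tokenResponse = response {
            // Tokens received; validate the ID token before using them.
            self?.handleToken(tokenResponse)
        }
    }
}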

The functions in the snippet above should be implemented as follows:

  • handleToken should validate the ID token, initialize the relevant application logic, and, when relevant, send the ID and access tokens to the backend server for processing.
  • handleError should respond to an authentication error, possibly by presenting a suitable message to the user.

Note: If you’re not using the BindID SDK but implementing the OIDC standard directly, you should make sure that the state parameter you received in the response matches the state value that was sent in the request.
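
The state check described in the note above, as an added example that is not part of the BindID SDK or the original page. All names here (makeState, constantTimeEquals, authorizationCode, StateCheckError) and the sample redirect URI are hypothetical, and the sketch assumes the response parameters arrive in the query string of the redirect URI.

```swift
import Foundation
import Security

enum StateCheckError: Error {
    case randomFailure, malformedRedirect, missingState, stateMismatch, missingCode
    case providerError(String)
}

// Unguessable, single-use state for one authorization request (32 random bytes, base64url).
func makeState() throws -> String {
    var bytes = [UInt8](repeating: 0, count: 32)
    guard SecRandomCopyBytes(kSecRandomDefault, bytes.count, &bytes) == errSecSuccess else {
        throw StateCheckError.randomFailure
    }
    return Data(bytes).base64EncodedString()
        .replacingOccurrences(of: "+", with: "-")
        .replacingOccurrences(of: "/", with: "_")
        .replacingOccurrences(of: "=", with: "")
}

// Compares every byte instead of stopping at the first difference.
func constantTimeEquals(_ a: String, _ b: String) -> Bool {
    let x = Array(a.utf8), y = Array(b.utf8)
    guard x.count == y.count else { return false }
    var diff: UInt8 = 0
    for i in 0..<x.count { diff |= x[i] ^ y[i] }
    return diff == 0
}

// Returns the authorization code only if the redirect carries the state that was sent.
func authorizationCode(from redirect: URL, expectedState: String) throws -> String {
    guard let items = URLComponents(url: redirect, resolvingAgainstBaseURL: false)?.queryItems else {
        throw StateCheckError.malformedRedirect
    }
    func value(_ name: String) -> String? { items.first(where: { $0.name == name })?.value }
    guard let state = value("state") else { throw StateCheckError.missingState }
    guard constantTimeEquals(state, expectedState) else { throw StateCheckError.stateMismatch }
    if let err = value("error") { throw StateCheckError.providerError(err) }
    guard let code = value("code"), !code.isEmpty else { throw StateCheckError.missingCode }
    return code
}

// Constructed sample redirect; the URI scheme and code value are made up for illustration.
let sent = try makeState()
let redirect = URL(string: "myapp://callback?code=SAMPLE_CODE&state=\(sent)")!
print(try authorizationCode(from: redirect, expectedState: sent))   // state matches
do { _ = try authorizationCode(from: redirect, expectedState: makeState()) }
catch { print("rejected:", error) }                                  // state does not match
```

Keep the sent state bound to the pending request on the device and discard it after one comparison, so a replayed redirect cannot match it again.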