Retrieve an access token from an url passed in as a fragment #

0
I am trying to get the access token that i get from an url that is send to my callback url + the access token.   https://myapp.com/cognito/callback#accestoken=abc   When i try to retrieve this accestoken, its not showing it anywhere in the request/response or in the uri. Its possible to add a query to retrieve parameters, but they use a ? and it is not possible for a fragment #   Does anyone have a solution on how to get this access token?    
asked
1 answers
0

You’re right — the fragment identifier (everything after #) is never sent to the server. It’s only accessible on the client-side (browser), so you won’t be able to access it in Mendix through a regular microflow, REST call, or server-side request.

 

To retrieve the access token from a URL like this:

https://myapp.com/cognito/callback#access_token=abc

 

You’ll need to use JavaScript in a client-side Nanoflow or page script to extract the token from the URL. Here’s what you can do:

  1. Add a Nanoflow that runs when your callback page is loaded.
  2. Inside that Nanoflow, call a JavaScript action (create one if needed).
  3. In that JavaScript action, extract the token like this:

 

const hash = window.location.hash;

const params = new URLSearchParams(hash.slice(1));

const accessToken = params.get("access_token");

return accessToken;

 

4. Then pass this token back to the Nanoflow and store it in a variable or entity.

 

Alternatively, if you’re using AWS Cognito, consider using response_type=code instead of token in your auth flow, so the access code is sent via query parameters (after ?), which is accessible on the server-side.

answered