Authorization Code Flow: from Auth0 to FusionAuth
-
Hi,
I am currently using Auth0 in production for my SaaS application and thinking about migrating to FusionAuth.
My main issue is that I can't find the equivalent authentication flow as described by Auth0 here:
https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flowLooking at this documentation
https://fusionauth.io/learn/expert-advice/authentication/login-authentication-workflows
it feels like the nearest flow is the "(RECOMMENDED) OAuth 2 authorization code grant using JWTs and refresh tokens stored in cookies" (https://fusionauth.io/learn/expert-advice/authentication/spa/oauth-authorization-code-grant-jwts-refresh-tokens-cookies) but it seems like the frontend is not calling directly /oauth2/token but needs to go through the backend.This is an issue because I would like to store my access token in-memory (cf recommandation of Auth0 https://auth0.com/docs/secure/security-guidance/data-security/token-storage#browser-in-memory-scenarios) but can't.
Moreover I prefer not to implement any logic related to authentication in my backend (except decoding the token...) .
Thank you for your help!
-
@etienne-caldo Hey Etienne, this is a good question, there is some context that goes behind it and usually we would want to have a discovery coffee session to elaborate on the matter. Let me know if this is of interest to you.