Tutorial: Build Universal Applications with Nuxt.js

Andy March

Sorry to hear that, Corey. I’d be happy to pass any feedback you have on to our team; you’re welcome to drop me an email at andy.march@okta.com

Andy March

From the server side our admin APIs can be called with either an API key or with an OAuth token. This allows you to make the call as either the application (API key or OAuth token) or the user themselves (OAuth token) depending on their permissions in Okta.

The easiest way to get user information is either to request an ID token, or use the access token to talk to the standard OIDC userinfo endpoint.

Hamza Naveed

Hi Andy, is it worth waiting for an updated post on this?

Andy March

Hi Hamza, thanks for the nudge on this. I haven’t updated the blog post yet but I have ported a branch on the supporting repository to use the nuxt/auth OAuth provider. Be aware this needs a couple of tweaks to how you configure the app in Okta (use the SPA app type with PKCE). I hope this is helpful. I’ll find out if it is better to update this post or create a new one.

Hamza Naveed

Thanks Andy, I took reference from the branch that you’ve updated with some tweaks, but I’m getting a prompt from Okta which is asking for an authorisation code. Screenshot attached below. In my understanding, shouldn’t the authorization servers be sending the authorization code as well to the browser?

Also, here’s what my auth config in the nuxt config looks like:
https://uploads.disquscdn.c…
    auth: {
      strategies: {
        okta: {
          scheme: 'oauth2',
          endpoints: {
            authorization: process.env.OAUTH_ISSUER + '/oauth2/auth',
            token: process.env.OAUTH_ISSUER + "/v1/token",
            userInfo: process.env.OAUTH_ISSUER + "v1/userinfo",
          },
          token: {
            property: 'access_token',
            type: 'Bearer',
            maxAge: 1800
          },
          refreshToken: {
            property: 'refresh_token',
            maxAge: 60 * 60 * 24 * 30
          },
          responseType: 'code',
          grantType: 'authorization_code',
          redirectUri: process.env.OKTA_REDIRECT_URI,
          clientId: process.env.CLIENT_ID,
          scope: ['openid', 'profile', 'email'],
          codeChallengeMethod: 'S256',
          autoLogout: false
        }
      }
    },