Using the returned authorization code

After a user successfully links their account on the Web Client or Facebook, an authorization code exists in the session.

Converse will assign the authorization code to a variable that is available in the context object:
  • authCode for single tokens
  • authCodeParts for multi-part tokens that are a string with the parts delimited with the | character.

The authorization should be passed in the body of REST API calls to the third-party system as shown below.

This example is for a system that authenticates using SAML SSO and returns a single key-value pair as a JSON object. Use it like this in the body of the REST API call:

{
   "saml": "{{authCode}}"
}

The following example is for a system that returns a multi-part token. Use it like this in the body of the REST API call:

{ 
    "my_auth_token": {{authCodeParts[0]}}
}

For REST API calls, you enter this as part of the Action interaction, in the Body field on the action's Settings tab.

Note: As an alternative to authCode or authCodeParts, you can create a custom variable to parse the returned authorization code or token. Use an Action interaction of type Set Variable.