www/apps/resources/references/auth/IAuthModuleService/methods/auth.IAuthModuleService.validateCallback/page.mdx
import { TypeList } from "docs-ui"
This documentation provides a reference to the validateCallback method. This belongs to the Auth Module.
You should only use this methods when implementing complex customizations. For common cases, check out available workflows instead.
</Note>When authenticating users with a third-party provider, such as Google, the user performs an action to finish the authentication, such as enter their credentials in Google's sign-in form.
In those cases, you must create an API route or endpoint that's called by the third-party provider when the user finishes performing the required action.
In that API route, you can call this method to validate the third-party provider's callback and authenticate the user.
Learn more about this authentication flow in this guide.
The following example is in the context of an API route, where
req is an instance of the MedusaRequest object:
const { success, authIdentity, error } =
await authModuleService.validateCallback("google", {
url: req.url,
headers: req.headers,
query: req.query,
body: req.body,
protocol: req.protocol,
} as AuthenticationInput)
<TypeList types={[{"name":"provider","type":"string","description":"The ID of the provider to use to validate the callback.","optional":false,"defaultValue":"","expandable":false,"children":[]},{"name":"providerData","type":"AuthenticationInput","description":"The data to pass to the provider to validate the callback.","optional":false,"defaultValue":"","expandable":false,"children":[{"name":"url","type":"string","description":"URL of the incoming authentication request.","optional":true,"defaultValue":"","expandable":false,"children":[]},{"name":"headers","type":"Record<string, string>","description":"Headers of incoming authentication request.","optional":true,"defaultValue":"","expandable":false,"children":[]},{"name":"query","type":"Record<string, string>","description":"Query params of the incoming authentication request.","optional":true,"defaultValue":"","expandable":false,"children":[]},{"name":"body","type":"Record<string, string>","description":"Body of the incoming authentication request.\n\nOne of the arguments that is suggested to be treated in a standard manner is a callback_url field.\nThe field specifies where the user is redirected to after a successful authentication in the case of Oauth auhentication.\nIf not passed, the provider will fallback to the callback\_url provided in the provider options.","optional":true,"defaultValue":"","expandable":false,"children":[]},{"name":"protocol","type":"string","description":"Protocol of the incoming authentication request (For example, https).","optional":true,"defaultValue":"","expandable":false,"children":[]}]}]} expandUrl="https://docs.medusajs.com/learn/fundamentals/data-models/manage-relationships#retrieve-records-of-relation" sectionTitle="validateCallback"/>
<TypeList types={[{"name":"Promise","type":"Promise<AuthenticationResponse>","optional":false,"defaultValue":"","description":"The details of the authentication result.","expandable":false,"children":[{"name":"success","type":"boolean","description":"Whether the authentication was successful.","optional":false,"defaultValue":"","expandable":false,"children":[]},{"name":"authIdentity","type":"AuthIdentityDTO","description":"The authenticated user's details.","optional":true,"defaultValue":"","expandable":false,"children":[{"name":"id","type":"string","description":"The ID of the auth identity.","optional":false,"defaultValue":"","expandable":false,"children":[]},{"name":"provider_identities","type":"ProviderIdentityDTO[]","description":"The list of provider identities linked to the auth identity.","optional":true,"defaultValue":"","expandable":false,"children":[]},{"name":"app_metadata","type":"Record<string, unknown>","description":"Holds information related to the actor IDs tied to the auth identity.","optional":true,"defaultValue":"","expandable":false,"children":[]}]},{"name":"error","type":"string","description":"If an error occurs during the authentication process,\nwhether within the Auth Module or a third-party provider,\nthe error message is set in this field.","optional":true,"defaultValue":"","expandable":false,"children":[]},{"name":"location","type":"string","description":"The URL to redirect to for further authentication action\nwith a third-party provider. This takes precedence before\nthe success field.\n\nSo, after checking that authentication is successful,\nyou should check whether this field is defined and, if so, redirect to the\nspecified location.","optional":true,"defaultValue":"","expandable":false,"children":[]}]}]} expandUrl="https://docs.medusajs.com/learn/fundamentals/data-models/manage-relationships#retrieve-records-of-relation" sectionTitle="validateCallback"/>