The State Changers in this meeting discussed a problem they were facing with linking a user's identity to their activities via an API built on Xano and OAuth from Stitch. They found that during redirection, the body of Stitch's 'get all input' function was empty, preventing them from isolating and subsequently recording user states in their app.
They figured out that they needed to extract data from the URL, not the body, at the redirect phase. They explained that parameters returned in endpoint URLs, such as authorization codes and user states, can be defined as inputs for Xano functions, allowing these functions to access this data directly. They further discussed authenticating users based on state. Instead of retrieving user data by ID, they plan to match the state sent back from Stitch to the user’s saved state. Then, using this association, they can pull the correct user and verifier data, and fetch a new authorization token accordingly. Towards the end of the meeting, it was suggested that they add a header to the Xano response, essentially redirecting end users to a friendly web page and not the technical details on the current page. They planned to continue working on this and integrate these changes into their solution. The meeting was predominantly focused on back-end features and API structures. The keywords mentioned from the given list were state change, Stitch, Xano, and OAuth.
(Source: Office Hours 12/13 )
