What Is The Proper Way To Use An Access Token Returned By Passport.js?

- 1 answer

I'm trying to understand how to use oauth2 in a pet project. I understand how passport.js uses the middleware passport.authenticate('google'...) to make sure that a user is authorized and I understand that the access token, refresh token, and profile are returned. However, how would I use the access token properly? When I get the access token, then I know that a user has been successfully authenticated and I have the scope information which is in profile. But then I'm just confused as to what I would need the accesstoken for now that I have it.



Is helpful. I don't believe that passport.js will do it for us.

To further clarify for future: Just use the access token in a header and send it as an option to request.

const opt = {
  url: 'some/protected/api',
  headers: {
    Authorization: `Bearer ${accessToken}`

request.get(opt, (err, response, body) => {