Don't understand how to fetch the authenticated Zoom user

Zoom Apps Configuration
Zoom App SDK
React, Node.js, Express

Description

I am using the Zoom React advanced sample as a reference but struggling to understand how to fetch the logged-in user/token when an already authorized user opens the app.

So if I understand correctly, the /home route is called when the app is launched, since that’s the home URL.

Then that route decrypts the header x-zoom-app-context which gets the decrypted token in order to get the user.

So that’s great. BUT

We have a separate React app deployed on Firebase at the moment and an API deployed elsewhere.
Is it possible to capture that header without doing a proxy through the API?

@heinrich With the latest version of the Zoom Apps SDK, we have the getAppContext() function that will provide the client with the same Zoom Apps Context Header as when using a server.

Let me know if that helps.

@MaxM Thanks for that answer. It really helped push me in the right direction.

So I get the context, pass it to the API, decrypt it and get the Zoom user.

BUT

This worked the first time and then I got an invalid token.

So my question is, do you need to do the Auth challenge and then onauthorized event to refresh the token?

My problem is that, for some reason, req.session.codeVerifier, for example, is not persisting, so I call authorize to generate the state and the codeVerifier, but then when onauthorized fires off the endpoint, I don't know what the codeChallenge was.
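
One way to avoid depending on a cookie session between the authorize call and the onauthorized callback, as an added example that is not part of this thread or of the Zoom sample: keep the PKCE verifier on the server, keyed by `state`, and hand it out once. `PendingAuthStore`, `begin`, `redeem` and `challengeFor` are hypothetical names, and the sketch assumes the onauthorized event returns the same `state` that was passed to authorize.

```javascript
// Added example; all names here are hypothetical, not from the Zoom sample.
const crypto = require('node:crypto');

const b64url = (buf) => buf.toString('base64url');

// RFC 7636 S256 method: challenge = BASE64URL(SHA256(ASCII(verifier)))
function challengeFor(verifier) {
  return b64url(crypto.createHash('sha256').update(verifier, 'ascii').digest());
}

// In-memory store: assumes a single API process. With several instances,
// the same logic would sit on a shared store instead of a Map.
class PendingAuthStore {
  constructor(ttlMs = 5 * 60 * 1000, now = Date.now) {
    this.ttlMs = ttlMs;
    this.now = now;
    this.pending = new Map(); // state -> { verifier, expires }
  }

  // For the "authorize" endpoint: returns only what the client needs.
  // The verifier itself never leaves the server.
  begin() {
    const state = b64url(crypto.randomBytes(16));
    const verifier = b64url(crypto.randomBytes(32)); // 43 chars (RFC 7636 allows 43-128)
    this.pending.set(state, { verifier, expires: this.now() + this.ttlMs });
    return { state, codeChallenge: challengeFor(verifier) };
  }

  // For the "onauthorized" endpoint: look up the verifier by the returned state.
  // Returns null if the state is unknown, expired or was already redeemed.
  redeem(state) {
    const entry = this.pending.get(state);
    if (!entry) return null;
    this.pending.delete(state); // single use, so a replayed state gets nothing
    return this.now() <= entry.expires ? entry.verifier : null;
  }
}
```

The verifier returned by `redeem` is what the server sends with the authorization code in the token exchange; a `null` result means the request should be rejected rather than retried with a fresh verifier.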