WachtWacht

<SSOCallback/> component

<SSOCallback /> handles the return path after an SSO or enterprise auth redirect. It reads the callback state, completes the exchange, and decides whether to continue the sign-in attempt or move on to the final redirect.

Usage

The following example shows a basic usage of <SSOCallback />.

import { SSOCallback } from '@wacht/nextjs';export default function SSOCallbackUsage() {  return (    <>      <SSOCallback />    </>  );}

Callback state

The hook reads the OAuth code, the encoded state, and any OAuth error values from the URL.
If the callback URL does not contain either a code or an OAuth error, the component treats it as an invalid callback and stops there.
  • If the OAuth provider returned an error, the component records it and stays on the error state.
  • The callback parser expects the state format used by the auth flow, so malformed or expired links fail early.

Exchange step

The encoded state decides whether the callback is finishing a sign-in flow or a social connection flow.
A sign-in callback and a connect-social callback follow different backend routes behind the scenes.
  • The component forwards both code and state to the backend endpoint.
  • The result includes the updated session and may include a redirect target from the server.

Resume behavior

If the response includes a sign-in attempt, the component routes the user back into the unfinished attempt instead of going straight to the final destination.

Examples

Callback route

export default function SSOCallbackPage() {  return <SSOCallback />;}

On this page

UsageCallback stateExchange stepResume behaviorExamples