curl --request GET \
--url https://pria.praxislxp.com/api/auth/google/services/callbackGoogle Services OAuth callback
Google redirects here after the user accepts (or rejects) the consent screen.
Validates the CSRF state against req.session.oauth_state, exchanges the
authorization code for tokens, then stores them on UserInstitution.googleLoginToken
or User.googleLoginToken depending on the institution context captured at
authorize time.
On success the user is redirected to ${PRIA_URL}/my-profile/me?oauth=google&status=success
(profile origin) or ${PRIA_URL}/pria/personal/qanda (chat origin). On failure the user
is redirected to ${PRIA_URL}/oauth/success?error=<code> where the SPA renders the
error. This callback is not a JWT-protected endpoint — auth is proven by the
session-bound CSRF state, identical to the public OAuth login callbacks.
curl --request GET \
--url https://pria.praxislxp.com/api/auth/google/services/callbackQuery Parameters
Authorization code returned by Google. Required on success.
CSRF state to compare against req.session.oauth_state.value.
Set by Google when the user denies consent or the request is malformed.
Response
Always a redirect. On success → profile or chat page (per the captured origin).
On any failure (missing code, state mismatch, token exchange error) →
${PRIA_URL}/oauth/success?error=<code>.
Was this page helpful?