NylasConnect.callback() is a callback handler that works for both pop-up and inline authentication flows. This is the recommended method when handling OAuth callbacks on your backend.
// In the browser, automatically uses window.locationconst result = await nylasConnect.callback();// On the backend, you MUST pass the full callback URLconst callbackUrl = `${req.protocol}://${req.get("host")}${req.originalUrl}`;const result = await nylasConnect.callback(callbackUrl);The url parameter is optional in the browser (defaults to window.location) but required on the backend since there’s no window object available.
When to use on backend
Section titled “When to use on backend”Use callback(url) on your backend when:
- You want to handle OAuth code exchange with
client_secret(more secure than PKCE) - You need to store tokens on the backend, not in the browser
- You want to link grants to users securely using a state parameter
- You’re making Nylas API calls from the backend using your API key
See the backend-handled OAuth flow guide for a complete example.
Parameters
Section titled “Parameters”| Property | Type | Description |
|---|---|---|
url | string? | The callback URL to process. Optional in browser (uses window.location). Required on backend. |
Return value
Section titled “Return value”The callback() method returns a Promise<ConnectResult> with the following properties.
| Property | Type | Description |
|---|---|---|
accessToken | string | The access token associated with the user’s grant. |
expiresAt | number | When the access token will expire, in milliseconds using the Unix timestamp format. |
grantId | string | A unique identifier for the user’s grant. |
grantInfo | GrantInfo? | Optional grant information from the idToken. |
idToken | string | An ID token containing information about the user. |
scope | string | A space-delimited list of scopes associated with the user’s grant. |
GrantInfo
Section titled “GrantInfo”| Property | Type | Description |
|---|---|---|
email | string | The email address associated with the grant. |
emailVerified | boolean? | When true, indicates that the user has verified their email address. |
familyName | string? | The user’s surname (last name). |
givenName | string? | The user’s given (first) name. |
id | string | A unique identifier for the user’s grant. |
name | string? | The user’s display name. |
picture | string? | A URL that links to the user’s profile picture. |
provider | string | The OAuth provider that the user authenticated with. |