How to get token param from /authorize after single user server redirected the original request?

Hello,

I’m trying to embed Jupyter Notebook in my web UI using iFrame. A user login my web app and it generates token in cookie. However, the cookie won’t be shared with requests to JupyterHub because I can’t use same domain for them. Instead, I appended the token to query param like https://jupyter.myapp2.com/user/1234/server89282?token=abcdefg.

The server was already created before UI connects to it. The initial request is redirected to /hub/authorize. I thought the token would be still present in the redirected request so I was going to implement custom Authenticator which will pick up the token and validate it with identity service. However, entire query string was replaced with client id, state, response type, and so on but I don’t see the token anywhere. Is it by design or am I missing something here?

What I want to do is
User login Web App → Web App generates token in Cookie → Use the token to authenticate/authorize user for JupyterHub/Server without showing Login page.

Any suggestion will be appreciated.

?token is specially handled for authorization. You might get what you want if you use just about any other url parameter name, e.g. ?specificallyMyToken=.... Most URL parameters are expected to be preserved after oauth completes, but the token param is used by Jupyter auth itself.