auth0
diff --git a/‎EXAMPLES-WEB.md‎
Lines changed: 99 additions & 63 deletions b/‎EXAMPLES-WEB.md‎
Lines changed: 99 additions & 63 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 0 deletions b/‎README.md‎
Lines changed: 1 addition & 0 deletions
@@ -2,119 +2,159 @@
 
 This guide provides usage examples specifically for developers targeting **React Native Web**. The web platform uses the underlying `@auth0/auth0-spa-js` library, and its features are aligned with browser security best practices.
 
-## Setup: The `Auth0Provider`
+## 1. The Hooks-Based Approach (Recommended)
 
-All web-based authentication starts with wrapping your application in the `Auth0Provider`. You can also pass `auth0-spa-js` specific options.
+This is the simplest and recommended way to integrate Auth0. The `Auth0Provider` handles all the complexity of the redirect flow automatically.
+
+### Step 1: Wrap Your App in the `Auth0Provider`
+
+In your main application entry point (e.g., `App.tsx`), wrap your application with the provider.
 
 ```jsx
-// App.js
+// src/App.tsx
+import React from 'react';
 import { Auth0Provider } from 'react-native-auth0';
+import config from './auth0-configuration';
+import MainComponent from './MainComponent'; // Your main app UI
 
-const App = () => {
-  return (
-    <Auth0Provider
-      domain="YOUR_AUTH0_DOMAIN"
-      clientId="YOUR_AUTH0_CLIENT_ID"
-      // Optional spa-js specific settings
-      cacheLocation="localstorage"
-      useRefreshTokens={true}
-    >
-      <YourAppRoot />
-    </Auth0Provider>
-  );
-};
+const App = () => (
+  <Auth0Provider domain={config.domain} clientId={config.clientId}>
+    <MainComponent />
+  </Auth0Provider>
+);
 
 export default App;
 ```
 
-## Basic Login and Logout
+### Step 2: Use the `useAuth0` Hook in Your Components
 
-Use the `useAuth0` hook to access authentication methods and state. The primary flow involves redirecting the user to the Auth0 Universal Login page.
+The `Auth0Provider` will automatically handle the redirect callback when your app loads. The `useAuth0` hook will then provide the authentication state.
 
 ```jsx
+// src/MainComponent.tsx
+import React from 'react';
 import { useAuth0 } from 'react-native-auth0';
-import { View, Button, Text } from 'react-native';
+import { View, Button, Text, ActivityIndicator } from 'react-native';
 
-const LoginProfile = () => {
-  const { authorize, clearSession, user, error, isLoading } = useAuth0();
+const MainComponent = () => {
+  const { authorize, clearSession, user, isLoading, error } = useAuth0();
 
   const onLogin = async () => {
     try {
-      // This will redirect the user to the login page.
-      // The promise does not resolve as the page context is lost.
+      // This triggers a redirect to the Auth0 Universal Login page.
       await authorize({ scope: 'openid profile email' });
     } catch (e) {
-      console.log('Login cancelled or failed', e);
+      console.error('Login error:', e);
     }
   };
 
   const onLogout = async () => {
     try {
-      // This will redirect the user to the logout page.
       await clearSession();
     } catch (e) {
-      console.log('Logout error', e);
+      console.error('Logout error:', e);
     }
   };
 
   if (isLoading) {
     return (
       <View>
-        <Text>Loading...</Text>
+        <ActivityIndicator size="large" />
       </View>
     );
   }
 
   return (
     <View>
-      {user && (
+      {error && <Text>Error: {error.message}</Text>}
+      {user ? (
         <>
-          <Text>Logged in as {user.name}</Text>
-          <Button onPress={onLogout} title="Log Out" />
+          <Text>Welcome, {user.name}!</Text>
+          <Button title="Log Out" onPress={onLogout} />
         </>
+      ) : (
+        <Button title="Log In" onPress={onLogin} />
       )}
-      {!user && <Button onPress={onLogin} title="Log In" />}
-      {error && <Text style={{ color: 'red' }}>{error.message}</Text>}
     </View>
   );
 };
 ```
 
-## Accessing User Information and Tokens
+## 2. The Class-Based / Manual Approach
+
+If you are not using React Hooks or need more fine-grained control, you can instantiate the `Auth0` class and handle the redirect callback manually.
+
+### Step 1: Instantiate the `Auth0` Client
+
+Create a singleton instance of the client.
+
+```javascript
+// src/api/auth0.ts
+import Auth0 from 'react-native-auth0';
+import config from '../auth0-configuration';
+
+const auth0 = new Auth0({
+  domain: config.domain,
+  clientId: config.clientId,
+});
+
+export default auth0;
+```
+
+### Step 2: Handle the Redirect Callback
 
-After a user is logged in, you can access their profile from the `user` object. To get a fresh access token for calling a protected API, use `getCredentials`.
+In your application's root component or entry point, you need to add logic to process the result from Auth0 after the user is redirected back.
 
 ```jsx
-import { useAuth0 } from 'react-native-auth0';
+// src/App.tsx
+import React, { useEffect, useState } from 'react';
+import { View, Button, Text } from 'react-native';
+import auth0 from './api/auth0'; // Import your singleton
+import type { User } from 'react-native-auth0';
 
-const Profile = () => {
-  const { user } = useAuth0();
-  return user ? <Text>Welcome, {user.name}!</Text> : null;
-};
+const App = () => {
+  const [user, setUser] = useState<User | null>(null);
+  const [isLoading, setIsLoading] = useState(true);
+
+  useEffect(() => {
+    const checkSession = async () => {
+      // Check if the URL contains redirect parameters
+      if (window.location.search.includes('code=') && window.location.search.includes('state=')) {
+        try {
+          // Process the redirect
+          await auth0.webAuth.handleRedirectCallback();
+        } catch (e) {
+          console.error(e);
+        }
+        // Clean the URL
+        window.history.replaceState({}, document.title, '/');
+      }
+
+      // After handling a potential redirect, check for an existing session
+      try {
+        const credentials = await auth0.credentialsManager.getCredentials();
+        // Assuming you have a way to decode the idToken to get the user
+        // const decodedUser = jwt_decode(credentials.idToken);
+        // setUser(decodedUser);
+      } catch (e) {
+        // No credentials, user is not logged in
+        setUser(null);
+      }
+      setIsLoading(false);
+    };
+
+    checkSession();
+  }, []);
 
-const ApiButton = () => {
-  const { getCredentials } = useAuth0();
+  const onLogin = async () => {
+    await auth0.webAuth.authorize({ scope: 'openid profile email' });
+  };
 
-  const callApi = async () => {
-    try {
-      // getCredentials uses getTokenSilently() from auth0-spa-js
-      // to get a valid token, refreshing it if necessary.
-      const credentials = await getCredentials();
-      const accessToken = credentials.accessToken;
-
-      const response = await fetch('https://api.example.com/data', {
-        headers: {
-          Authorization: `Bearer ${accessToken}`,
-        },
-      });
-      const data = await response.json();
-      console.log('API Data:', data);
-    } catch (e) {
-      console.error('Failed to get token or call API', e);
-    }
+  const onLogout = async () => {
+    await auth0.webAuth.clearSession();
   };
 
-  return <Button onPress={callApi} title="Call Protected API" />;
+  // ... Render UI based on isLoading and user state ...
 };
 ```
 
@@ -129,7 +169,3 @@ For security reasons, the web platform **does not support** direct authenticatio
 - `auth.refreshToken()`
 
 All these flows should be configured in your [Auth0 Universal Login](https://auth0.com/docs/universal-login) page and initiated via the `authorize()` method.
-
-```
-
-```
 
@@ -673,6 +673,7 @@ This library provides a unified API across Native (iOS/Android) and Web platform
 | **Web Authentication**                     |                      |               | ---                                                                                                                                                                      |
 | `webAuth.authorize()`                      |          ✅          |      ✅       | **Primary login method.** Uses `ASWebAuthenticationSession`/`Custom Tabs` on Native and `loginWithRedirect` on Web.                                                      |
 | `webAuth.clearSession()`                   |          ✅          |      ✅       | **Primary logout method.** Clears the session cookie on the server via a browser redirect.                                                                               |
+| `webAuth.handleRedirectCallback()`         |          ❌          |      ✅       | **Web-only.** Manually processes the callback from Auth0. Handled automatically when using the `Auth0Provider` hook.                                                     |
 | **Credential Management**                  |                      |               | ---                                                                                                                                                                      |
 | `credentialsManager.getCredentials()`      |          ✅          |      ✅       | Retrieves stored tokens. On Native, it uses the secure Keychain/Keystore. On Web, it uses the `@auth0/auth0-spa-js` cache and `getTokenSilently`.                        |
 | `credentialsManager.hasValidCredentials()` |          ✅          |      ✅       | Checks for a valid local session.                                                                                                                                        |