How do you access user data once authentication is made in OAuth flow?

context: I integrated a Node.js Smartsheet Oauth flow into my Django app by having the login button in django direct the user to the /auth url on the Node server. Once the flow is done and user logs in through Smartsheet, the redirect URL from the Smartsheet dev tools takes the user back to the Django website.

Objective: I am trying to access the user data, so that before they log in a variable called user = undefined, and after they log in the variable called user is an object with a set of user data that comes from the smartsheet API. This object would include: id, email, first name, last name, etc...

I have tried a few approaches:

  1. I tried to fetch data from the /callback url where the OAuth flow generates and saves token data, but I get rejections, maybe due to thoughtful security protocall
  2. Ive tried to play with "raw token requests" for current user, maybe accessing them from the Node.js server and then sending data back through a post request. I haven't get it working and it seems incorrect to post user data as it comes, and have the django app try to match the user to their data once inside the django app.

Am I missing something obvious? How do I best grab user data from the user who has just logged in? I want to display their username for them, as well as mark their username to changes they make to the smartsheet files from the app.

Thanks for the help!