Hi @nicolas_sabena,
Yes I tried the email verification flow with the settings above. As you can see from the log {{ application.callback_domain }}
is not replaced with the first item in the list of Allowed Callback URLs, instead it throws a bad request error with the following JSON being rendered in my browser. It does verify the email though, so when you navigate manually to the application you can fill in your credentials and you’re good to go.
{
name: "BadRequestError",
code: "invalid_result_url",
description: "invalid result url: ?supportSignUp=true&supportForgotPassword=true&email=mymail%40gmail.com&message=Your%20email%20was%20verified.%20You%20can%20continue%20using%20the%20application.&success=true&code=success",
statusCode: 400
}
I thought it maybe had to do with the protocol not being https, but when I add google as first item in the list of Allowed Callback URLs the same happens.
If I do a password change with the same settings and I fill in {{ application.callback_domain }}
as RedirectUrl it does work, so it seems to only occur for the email validation flow.
I have setup a test case in my private tenant test-joralf in case you want to check it.
Here’s the log for email validation:
{
"date": "2019-12-16T09:20:17.610Z",
"type": "fv",
"description": "invalid result url: ?supportSignUp=true&supportForgotPassword=true&email=mymail%40gmail.com&message=Your%20email%20was%20verified.%20You%20can%20continue%20using%20the%20application.&success=true&code=success",
"connection": "Username-Password-Authentication",
"connection_id": "con_L8ftdJSJu4fZLWRJ",
"client_id": "KSmw355ymd4pVAPOcObpFQh1UxJKuwIZ",
"client_name": "All Applications",
"ip": "89.20.164.66",
"user_agent": "Chrome 79.0.3945 / Mac OS X 10.14.6",
"details": {
"query": {
"email": "mymail@gmail.com",
"user_id": "auth0|5df74c47ab63ea0edf6dfaa0",
"tenant": "test-joralf",
"client_id": "KSmw355ymd4pVAPOcObpFQh1UxJKuwIZ",
"connection": "Username-Password-Authentication",
"resultUrl": "{{ application.callback_domain }}",
"includeEmailInRedirect": true
}
},
"user_id": "auth0|5df74c47ab63ea0edf6dfaa0",
"user_name": "mymail@gmail.com",
"strategy": "auth0",
"strategy_type": "database",
"log_id": "90020191216092018758000482016725977466104171282317705250",
"_id": "90020191216092018758000482016725977466104171282317705250",
"isMobile": false
}
And here’s the one for password change:
{
"date": "2019-12-16T09:18:23.147Z",
"type": "scp",
"description": "You can now login to the application with the new password.",
"connection": "Username-Password-Authentication",
"connection_id": "con_L8ftdJSJu4fZLWRJ",
"client_id": "oxTBbl2sVSmr1vvq4ho2DxV76CBtFSG0",
"client_name": "Test app",
"ip": "89.20.164.66",
"user_agent": "Chrome 79.0.3945 / Mac OS X 10.14.6",
"details": {
"email": "mymail",
"body": {
"newPassword": "*****",
"confirmNewPassword": "*****",
"_csrf": "yk0znz73-TG8FCt6ttPoE4vInMNFi4R8iaAo",
"ticket": "O8Mn8QFX36iCyYN6Ens9EqeMVbAgUSq3"
},
"query": {
"user_id": "5dee293d8545dd0ea6e85f9e",
"email": "mymail",
"username": null,
"newPassword": null,
"tenant": "test-joralf",
"client_id": "oxTBbl2sVSmr1vvq4ho2DxV76CBtFSG0",
"connection": "Username-Password-Authentication",
"resultUrl": "{{ application.callback_domain }}",
"markEmailAsVerified": true,
"includeEmailInRedirect": true
}
},
"user_id": "auth0|5dee293d8545dd0ea6e85f9e",
"user_name": "mymail",
"strategy": "auth0",
"strategy_type": "database",
"log_id": "90020191216091824557000481952025476526148824647197524002",
"_id": "90020191216091824557000481952025476526148824647197524002",
"isMobile": false
}