Silent Auto-Login for User after Completing 'Authentication API'-Backed Custom Signup Form

Hey @Grant-Hoover! I’m chiming in with an alternative approach.

What I would do is simply create the session for the user after the signup, without doing the resource owner password grant token exchange. E.g.:

[HttpPost]
public async Task<IActionResult> SignUp(NewUserData user)
{
    // Namespaces needed: System.Security.Claims, Microsoft.AspNetCore.Authentication,
    // Microsoft.AspNetCore.Authentication.Cookies

    // This is your process that calls Management API v2
    // to create the user and any other necessary tasks.
    // Check createUserResult before going on; only sign in a user that was actually created.
    var createUserResult = await CreateUser(user);

    // Everything's good, now go ahead and sign the user in
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Email, user.Email),
        new Claim(ClaimTypes.Name, user.Name),
        new Claim(ClaimTypes.NameIdentifier, user.UserId),
        // ... whatever other claims you have, either from the user form
        // or from the response from the Management API v2
    };

    var claimsIdentity = new ClaimsIdentity(
        claims, CookieAuthenticationDefaults.AuthenticationScheme);

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity));

    return this.Redirect("/");
}

WDYT?

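As an added example that is not part of the original post: the cookie-authentication wiring that HttpContext.SignInAsync depends on, with hardened cookie settings, plus a signup action that issues the session only once user creation has succeeded and builds its claims from the server-side result rather than the posted form. NewUserData is the post's own type; CreatedUser, IUserProvisioner and the route are assumptions, and an IUserProvisioner implementation wrapping the Management API v2 call must be registered in DI for the action to resolve.

```csharp
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Mvc;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllersWithViews();
builder.Services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(options =>
    {
        options.Cookie.HttpOnly = true;                          // not readable by scripts
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always; // sent over HTTPS only
        options.Cookie.SameSite = SameSiteMode.Lax;              // limits cross-site sending
        options.ExpireTimeSpan = TimeSpan.FromMinutes(30);       // bounded session lifetime
        options.SlidingExpiration = true;
        options.LoginPath = "/account/login";
    });

var app = builder.Build();
app.UseAuthentication();   // must precede endpoints guarded by [Authorize]
app.UseAuthorization();
app.MapControllers();
app.Run();

public record NewUserData(string Email, string Name);
public record CreatedUser(string UserId, string Email, string Name);

// Hypothetical: wraps the Management API v2 call; null means the user was not created.
public interface IUserProvisioner { Task<CreatedUser?> CreateAsync(NewUserData user); }

public class AccountController : Controller
{
    private readonly IUserProvisioner _users;
    public AccountController(IUserProvisioner users) => _users = users;

    // Anti-forgery token required: this POST mints a session, so it must not be CSRF-able.
    [HttpPost("/account/signup"), ValidateAntiForgeryToken]
    public async Task<IActionResult> SignUp(NewUserData user)
    {
        var created = await _users.CreateAsync(user);
        if (created is null) return BadRequest("Sign-up failed; no session was issued.");

        // Claims come from the creation result, not from values the client posted.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.NameIdentifier, created.UserId),
            new Claim(ClaimTypes.Email, created.Email),
            new Claim(ClaimTypes.Name, created.Name),
        }, CookieAuthenticationDefaults.AuthenticationScheme);
        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
            new ClaimsPrincipal(identity));
        return Redirect("/");
    }
}
```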