Account link extension fails with Bad Request error

The rule hard-codes the tenant information:

var config = {
  endpoints: {
    linking: 'https://tenant-A.au12.webtask.io/abc123',
    userApi: auth0.baseUrl + '/users',
    usersByEmailApi: auth0.baseUrl + '/users-by-email'
  },
  token: {
    clientId: 'fkjafadksfakfakdfkald',
    clientSecret: '********',
    issuer: auth0.domain
  }
};

And this was the root cause. When the rule was deployed into tenant B, the rule code from the extension was overwritten by code from tenant A, so the rule was using the extension host in tenant A.

This goes against Auth0 best practice, as the code should be tenant-agnostic with the tenant information being injected via configuration. I’ve since updated the code to have keyword placeholders. I’ve also updated my build pipeline to check for hardcoded config values and fail if any are found.

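A pipeline check of the kind mentioned in the post could look like the following. This is an added example, not the poster's code: the `@@NAME@@` placeholder format, the function name `findHardcodedConfig` and both sample rules are assumptions, since the post does not show its placeholder syntax or its check.

```javascript
// Added example: fail a build when an Auth0 rule carries tenant-specific literals.
// Assumption: placeholders look like @@NAME@@ (the post does not show its syntax).
const PLACEHOLDER = /^@@[A-Z0-9_]+@@$/;

const CHECKS = [
  // An absolute URL literal pins the rule to one tenant's extension host.
  { kind: 'hardcoded-url', re: /(['"`])(https?:\/\/[^'"`]+)\1/g, group: 2 },
  // Client credentials written as literals instead of injected configuration.
  { kind: 'hardcoded-credential',
    re: /\b(clientId|clientSecret)\s*:\s*(['"`])([^'"`]*)\2/g, group: 3 }
];

function findHardcodedConfig(source) {
  const findings = [];
  source.split('\n').forEach((text, i) => {
    for (const { kind, re, group } of CHECKS) {
      for (const m of text.matchAll(re)) {
        if (PLACEHOLDER.test(m[group])) continue; // injected at deploy time
        // Keep credential values out of the build log.
        const value = kind === 'hardcoded-credential' ? '<redacted>' : m[group];
        findings.push({ line: i + 1, kind, value });
      }
    }
  });
  return findings;
}

// Constructed sample modelled on the rule in the post (secret value is made up).
const HARDCODED_RULE = `var config = {
  endpoints: {
    linking: 'https://tenant-A.au12.webtask.io/abc123',
    userApi: auth0.baseUrl + '/users'
  },
  token: { clientId: 'fkjafadksfakfakdfkald', clientSecret: 'constructed-secret', issuer: auth0.domain }
};`;

// Constructed sample of the same rule after switching to placeholders.
const TEMPLATED_RULE = `var config = {
  endpoints: { linking: '@@EXTENSION_URL@@', userApi: auth0.baseUrl + '/users' },
  token: { clientId: '@@CLIENT_ID@@', clientSecret: '@@CLIENT_SECRET@@', issuer: auth0.domain }
};`;

for (const f of findHardcodedConfig(HARDCODED_RULE)) {
  console.log(`rule.js:${f.line} ${f.kind} ${f.value}`);
}
// A pipeline step would exit non-zero whenever the findings list is non-empty.
```

The check is line-based and regex-driven, so it also flags URL literals inside comments; a deployment that needs fewer false positives would parse the rule source instead.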