I need to send the referrer domain from the login request in order to implement a custom Forgot Password flow. My thought was to use the ext-* variable pattern that is supported by the existing Universal Login flow.
Reference: https://auth0.com/docs/customize/login-pages/universal-login/customize-templates#custom-query-parameters
However, I am not able to access these variables anywhere. It appears that they should be available on loginInstance.authorizationParams.untrustedData but it is always null.
import LoginInstance from "@auth0/auth0-acul-js/login";
const loginInstance = useMemo(() => new LoginInstance(), []);
const { transaction, screen, untrustedData } = loginInstance;
// Access authorization params
console.log(untrustedData.authorizationParams); <--- null
Here is an example login URL that is sent:
http://localhost:3000/auth/login?organization=org_123456789abc&audience=https%3A%2F%2Fauth-testing-api.example.io%2F&prompt=login&returnTo=http%3A%2F%2Flocalhost%3A3000%2F&ext-referrer=localhost%3A3000
I would expect to have access to untrustedData.authorizationParams['ext-referrer'] in this case, but all authorizationParams are empty.
I have filed Github issues for this question in two repositories but have not received any replies on them yet.
opened 02:36PM - 05 Nov 25 UTC
I need to send the referrer domain from the login request in order to implement … a custom Forgot Password flow. My thought was to use the `ext-*` variable pattern that is supported by the existing Universal Login flow.
Reference: https://auth0.com/docs/customize/login-pages/universal-login/customize-templates#custom-query-parameters
However, I am not able to access these variables anywhere. It appears that they *should* be available on `loginInstance.authorizationParams.untrustedData` but it is always `null`.
## Context
Please provide any relevant context that might help us answer your question:
- **What are you trying to achieve?**
Trying to capture the `Referrer` domain of the login request, either using `ext-` parameters or other available means
- **What have you already tried?**
Tried sending a login request with `ext-referrer` variable expecting to have access to it within the ACUL components
- **What documentation have you consulted?**
All available
## Code Example (if applicable)
When I access the implied location of the `ext-*` variables, they are empty.
```
import LoginInstance from "@auth0/auth0-acul-js/login";
const loginInstance = useMemo(() => new LoginInstance(), []);
const { transaction, screen, untrustedData } = loginInstance;
// Access authorization params
console.log(untrustedData.authorizationParams); <--- null
```
Here is an example login URL that is sent:
```
http://localhost:3000/auth/login?organization=org_287zwWOCt7RHmkZI&audience=https%3A%2F%2Fauth-testing-api.example.io%2F&prompt=login&returnTo=http%3A%2F%2Flocalhost%3A3000%2F&simple_middleware=true&ext-referrer=localhost%3A3000
```
I would expect to have access to `untrustedData.authorizationParams['ext-referrer']` in this case, but all authorizationParams are empty.
Let me know if there is another method for accessing this, or a better way to capture the referrer domain, thanks.
## Environment (if relevant)
- **Auth0 ACUL SDK Version**: 0.1.0-beta.7
- **Node.js Version**: 20
- **Framework**: React 19.1.0
opened 12:54PM - 31 Oct 25 UTC
question
## Question
I need to send the referrer domain from the login request in order … to implement a custom Forgot Password flow. My thought was to use the `ext-*` variable pattern that is supported by the existing Universal Login flow.
Reference: https://auth0.com/docs/customize/login-pages/universal-login/customize-templates#custom-query-parameters
## Context
Please provide any relevant context that might help us answer your question:
- **What are you trying to achieve?**
Trying to capture the `Referrer` domain of the login request, either using `ext-` parameters or other available means
- **What have you already tried?**
Tried sending a login request with `ext-referrer` variable expecting to have access to it within the ACUL components
- **What documentation have you consulted?**
All available
## Code Example (if applicable)
When I access the implied location of the `ext-*` variables, they are empty.
```
const loginInstance = useMemo(() => new LoginInstance(), []);
const { transaction, screen, untrustedData } = loginInstance;
// Access authorization params
console.log(untrustedData.authorizationParams); <--- null
```
Here is an example login URL that is sent:
```
http://localhost:3000/auth/login?organization=org_287zwWOCt7RHmkZI&audience=https%3A%2F%2Fauth-testing-api.example.io%2F&prompt=login&returnTo=http%3A%2F%2Flocalhost%3A3000%2F&simple_middleware=true&ext-referrer=localhost%3A3000
```
I would expect to have access to `untrustedData.authorizationParams['ext-referrer']` in this case, but all authorizationParams are empty.
Let me know if there is another method for accessing this, or a better way to capture the referrer domain, thanks.
## Environment (if relevant)
- **Auth0 ACUL SDK Version**: [e.g. 0.1.0-beta.7]
- **Node.js Version**: [e.g. 22.16.0]
- **Framework**: [e.g. React 19.1.0]
## Additional Information
Any other details that might be helpful.
Hi @brycen.rogers
Welcome to the Auth0 Community!
By any chance, is the external parameter you are passing through the URL available in the transaction? What I want to know if the passed in parameter is available if accessed as transaction.params.ext-referrer or transaction.params?
Kind Regards,
Hey @nik.baleca thanks for the reply,
I checked all properties available on the LoginManager with dev tools and I do not see it anywhere in the transaction. Based on the documentation of the LoginInstance in "@auth0/auth0-acul-js/login" it appears this data is expected to be within the untrustedData property.
Here is a screenshot of the dev tools to give you some insight, I have expanded the transaction object on the right
Hi again @brycen.rogers
This might be caused by the fact that the custom query parameters are a feature of New Universal Login and they might not be parsed arbitrarily by LoginInstance since the configuration is populated by the Auth0 server and not by the current URL passed to the browser.
However, as a possible solution, you can try reading the parameter directly from the location of the browser by using window.location. You can do this as seen in this example below:
import LoginInstance from "@auth0/auth0-acul-js/login";
const loginInstance = useMemo(() => new LoginInstance(), []);
const { transaction, screen } = loginInstance;
// Read the parameter directly from the browser's URL as such:
const urlParams = useMemo(() =>
new URLSearchParams(window.location.search)
, []);
const referrerDomain = urlParams.get('ext-referrer');
if (referrerDomain) {
console.log('Referrer found:', referrerDomain);
}
Let me know if the proposed solution is able to fix your issue and if you have any other questions/challenges on the matter.
Kind Regards,
Hey @nik.baleca
Unfortunately the only query parameter available at the login screen at this part of the flow is the state parameter.
Example:
https://auth-testing.example.io/u/login?state=hqFo2SBwanB2T1dKS21JRzlaZE9xRzgzazhfRHpp...
Is this just simply not supported in ACUL anymore, or is this a bug?
Thanks
1 Like
Hi again!
Sorry, I completely forgot about the second redirect to the /u/login URL, that was an oversight on my part.
Could you please let me know what is the screen that you have configured for the specific transaction? Login/LoginId etc?
I would suggest to check out this documentation about the context object in ACUL where you should be able to access the passed in query parameters.
Also, what is the Node version you have configured your tenant to be using? You can find that under Settings → Advanced → Extensibility.
Kind Regards,
Thanks @nik.baleca - I got it working!
I needed to define the "context_configuraiton” on the settings.json file for the screen.
{
"rendering_mode": "advanced",
"context_configuration": [
"untrusted_data.authorization_params.ext-referrer"
],
...
After deploying those changes, I am able to access the ext-referrer variable.
Thanks again!
Thanks for letting me know and for sharing the solution with the rest of us!
If you ever run into any other issue, you can always post and I will be looking forward to seeing you around!
Kind Regards,
system
December 2, 2025, 3:54pm
10
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
