Adding Users to an Application as part of API user creation

Hi,

I am using universal login for users to login to my application but have an SPA signup page talking to my own API in order to create users.

Everything is working fine and users are being created using the management API from my API but having done that they are prompted to authorise the SPA Application when they first log in using Universal login.

How do I go about creating the user and it knowing which application they have been created “for”?

Hi @efdp,

Welcome to the Auth0 Community!

I understand you would like to create users and add them to applications on creation.

First, let me clarify that the Connection name is a required field when creating users. Therefore, when creating users, you can determine which applications they belong by checking the Database Connections enabled for the applications.

I hope this answers your question.

Please reach out if you have any additional questions. I would be glad to help!

Thank you.

Thanks @rueben.tiow,

I have double checked that and my application does have access to that the connection. The problem here is more UX than functionality. When I used to use universal login for both signup and login my users would simply sign up and login.

Now that I am using my own page and the management API to do signup the flow has changed. Users now signup, login and then get presented with another screen asking them to give permission to the uPredict application.

I would really like to get rid of this prompt for permission as from their perspective they just signed up to my website and now they are being asked to give it permission when they log in.

Cheers,

Eldon Ferran de Pol

Hi @efdp,

Thank you for your response.

In this case, I recommend that you enable the Allow Skipping User Consent setting located in your API settings. Doing so should skip the user consent page whenever they sign up.

Please read this related Community Topic that goes into more details.

Let me know how this works for you.

Thank you.

Hi @efdp,

Allow me to add that as an alternative, you could also pass the prompt=none query parameter in your authentication request to skip the user consent.

For example:

GET https://YOUR_DOMAIN/authorize
    ?response_type=id_token token&
    client_id=...&
    redirect_uri=...&
    state=...&
    scope=openid...&
    nonce=...&
    audience=...&
    response_mode=...&
    prompt=none

I hope this helps!

Thank you.