Android Custom Auth0Scheme and relationship to Social Media Login Issues

I am wondering if anybody can share their experiences with this issue, or resolutions

I have an Android Native App that is Authenticating with Auth0, Google and Facebook Social Media Logins turned on.

Was using the “demo” scheme as per the quickstart documentation (this was all configured more than a year ago) and all logins (auth0, google, facebook) were working fine with Auth0 Development keys.

Except when I went to now create Google client keys (as I will need to for production eventually) the google console forces callback protocol must be https or http ONLY, Ok so i changed my scheme to https and now the callback generates an option to the user to handle the callback with my App or with Chrome.

problem is that after the callback I have a series of additional tasks that Must be processed after login, if the user chooses Chrome then the process is truncated, and this causes my App to not be in the proper state afterwards.

So use the custom scheme and cant do social media logins, or
use Https scheme and have my app not work properly

I see that there is a way to set device specific parameters so that the callback is automatically picked up by my app but this involves a lot more configuration and the fingerprints are specific to each build flavor and this seems like it is just way more complicated than it warrants.

My libraries are out of date (upgrading is causing some rework issues) but I don’t see the behavior changing even with the newer libraries (although I am going to try)

Android targetSdkVersion 30
Auth0 SDK

1 Like

I am trying to follow the docs on how to get the Android deep linking working (to avoid the user being prompted for how to handle the callback)
and either I am not understanding something or the process is flawed.

I set up my device parameters for my client application with package name and hash
then setup my intent filter which specified the domain name of my tenant

Probably my intent filter is not working correctly because I already have an intent filter
for the callback to properly trigger the Activity, because I am still using the 1.8.0 SDK library
so not sure if these intents for the same action for the same activity are causing a collision

but in any case the problem now seems to be that i am getting prompted as to which app to use on the initial method call to Auth0 and then if i go through the browser, the authentication fails.
I do think this is the intent filter problem but it highlights an issue

all i can specify in the filter is the domain, and since the initial call and the callback are to that same domain , even if the intent filter is working properly how is the first call supposed to automatically direct to the browser to get the auth done, and the callback to automatically direct to my app?

1 Like

Hi there @amalyc welcome back to the community :slight_smile: Thanks for the detailed description of the issue you’re running into.

I’ve definitely seen some confusion around this in the past and I unfortunately don’t have an answer to your specific situation, but I can speak to my experience using our sample app which uses - Like you, I am not sure updating will change the behavior you are seeing.

Here are the steps I took:

  • I have the auth0 scheme set to <string name="com_auth0_scheme">demo</string>
  • A Google social connection configured with production keys.
  • Added https://{my_domain} as an Authorized Javascript origin in Google.
  • Added https://{my_domain} as an Authorized redirect URI in Google.
  • Added demo://{my_domain} as an Allowed callback URL in my Auth0 application settings.

With these settings the sample app pulls up Universal Login in a Chrome Custom Tab, I am able to authenticate with Google and am redirected to the app without any subsequent options displayed to the user. Obviously using the sample app is a bit different than your own, but perhaps you can test in the sample app for comparison purposes and let us know how it goes.

Additionally, if you think there is an issue with Auth0.Android that should be looked into, I definitely encourage you to open up an issue against the repo itself if you haven’t already done so :mag_right:

Hope this helps - Keep us posted!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.