Use Case We have multiple applications, let’s say public and private and want users with the private role to be able to access the private application on login. All other users (without the private role) will be denied at login. Current Solution We created a login action to check if the user has …

Api.access.deny causes redirect loop

mgls April 7, 2023, 5:58pm 4

Our solution: we don’t use api.access.deny() anymore but use api.redirect.sendUserTo('https://{auth0_tenant}.eu.auth0.com/v2/logout?returnTo=https%3A%2F%2Fexample.com').

With this, the not-allowed user will be logged out immediately after the login and gets redirected to the specified returnTo URL.

2 Likes

Logout via onExecutePostLogin action

Using api.redirect.sendUserTo('https://{auth0_tenant}.eu.auth0.com/v2/logout?returnTo=') with an error message

Topic		Replies	Views
Using api.redirect.sendUserTo('https://{auth0_tenant}.eu.auth0.com/v2/logout?returnTo=') with an error message Help classic-universal-login-experience , login-experience	1	1003	October 4, 2023
Login / Post Login Action: api.access.deny in onExecutePostLogin produces infinite loop Help classic-universal-login-experience , login-experience	6	1363	May 5, 2023
Api.access.deny and api.redirect.sendUserTo looping after call in login action Knowledge Articles api , loop , action	1	2925	September 14, 2022
Api.access.deny doesn't seem to return any value Help login-experience , login-prompt-new-experience	0	40	August 7, 2024
Custom Action: user stays logged into Auth0 after api.access.deny Help login-experience , new-universal-login-experience	10	71	September 25, 2024

Api.access.deny causes redirect loop

Related Topics