I have a hosted login page that offers the user a choice between signup and login experiences. I want the user’s choice (signup or login) to end up in the context.request.query object of my Auth0 Rule, so I can use it to enrich the token, as explained here.
However, Auth0 seems to ignore any changes to query parameters that occur after the initial /authorize transaction starts. For example, suppose my app constructs this URL:
https://my-tenant.auth0.com/authorize?state=s&client=c&redirect_uri=r&protocol=oauth2&response_type=code&response_mode=query
If I then append &choice=signup, it is ignored. It seems that the oauth params are “fixed” when the state is set, and cannot be changed afterward.
Is there any way to do this? Essentially what I’m asking for is a way to append extra params to an authorize transaction that’s already been created.
Hi @mamacdon
There’s no way to pass data from the hosted login page to a rule. context.request.query sees only the parameters included in the original /authorize request initiated in the app.
If you are trying to check if the user has just signed up, maybe there are other approaches you can take, like check for a metadata flag in the rule. E.g.
if (user.app_metadata && user.app_metadata.first_login_processed) {
return callback(null, user, context);
}
// this is the first time we see the user (signup)
// do something
[...]
// and set the user's app_metadata.login_processed = true, so that
// this won't execute next time
[...]
Hope this helps!
Thanks for helping on this one Nico!