Auth0 Registration Issue: User Recognition After 'Decline'

Help
,
1

In our app using Auth0 for registration, users input their email and password, proceed to register, but click “Decline” instead of completing the sign-up. The system registers the user in Auth0, but they are not logged in. The issue occurs when the user tries to register again with the same details; the system doesn’t allow it.

We can’t figure out how Auth0 recognizes the user after clicking “Decline” or which field/identifier is used to track them, as their information already exists in the database. How does Auth0 identify the user in this case, and why does it prevent further registration attempts? How can we resolve this to allow the user to register again?

Context:

  • User enters email and password, clicks “Decline.”
  • User is not logged in.
  • System prevents re-registration with the same details.
3

Hi @Anastasiia_m,

When using the New Universal Login experience, there isn’t an option to click on “Decline” during the sign up process.

Could you elaborate how the user clicks on “Decline” by providing a screenshot?

Secondly, could you check your Auth0 Logs and confirm for me if it shows an event indicating that the user signed up regardless of declining the sign up process?

Thanks,
Rueben

4

Sure!
That’s the modal window with accepting join to auth system and logs: https://fex.net/ru/s/od1effc

PS: Sorry, I can’t upload images on the system because I have a limited right as a new user.

5

Hi @Anastasiia_m ,

By any chance, are you testing this in your local dev environment with https://localhost:port#

or

Do you have any callback URL configured where you have added https://localhost:port#?

You can refer this post to check you have enabled Allow Skipping User Consent.

1 Like
6

Yes, I am testing this in my local dev environment with https://localhost:3000.
I have added https://localhost:3000 in the Allowed Callback URLs under the application’s settings in Auth0. However, I’m not using any URL with a hash fragment (e.g., #).

7

Hi @Anastasiia_m ,

# part was just an replacement for port number.

As long as you testing on localhost, you will get that pop up.

8

Hi!
I have confirmed that the Allow Skipping User Consent toggle is enabled for the application. Additionally:

  • The Callback URL (https://localhost:3000) is correctly configured in the Allowed Callback URLs section under the application’s settings.
  • The Allowed Web Origins and Allowed Logout URLs also include https://localhost:3000 to ensure compatibility during testing.

Despite these settings, the issue persists. The consent screen still appears. Could you advise on any additional configurations or troubleshooting steps that might resolve this?

9

Btw, I tested it with ngrok to avoid localhost and the issue still exist

10

Hi @Anastasiia_m,

Thanks for the update.

Unfortunately, Auth0 will always display the consent dialog for apps redirected to localhost regardless of enabling the Allow Skipping User Consent option or marked as first-party applications. This is for security purposes and a known limitation for desktop applications.

For more information, please refer to our User Consent and Third-Party Applications documentation.

Thanks,
Rueben