However when trying to redirect from within Rules using the context.redirect , the code parameter is no more appended, instead I am receiving the state parameter.
After doing so, you will be redirected back to your callback URL with the code and state parameter in the URL (just as you see in the first screenshot).
Please let me know if you have any questions or need further clarification on this step.
Hello @rueben.tiow , Much appreciate your response.
I may have missed out elaborating why I am trying to redirect using Rules.
Actually there is a dynamic parameter (named navigate) that I need to add to the callbackURL and since wildcards do not allow me to do so in the allowed callbackurls I am adding the dynamic parameter from within the rules.
Overwriting callback url in rules : https://{myDomain}/myAppMethod?client=xyz&navigate=*somethingDynamicHere*
And what is desired is that auth0 hits back to my application with the format https://{myDomain}/myAppMethod?client=xyz&navigate=*somethingDynamicHere*&code=********
Unfortunately, as you experienced, this is not possible with using Redirect Rules.
Generally, when performing a redirect using Rules, you must resume the authentication flow by sending the original state back to the /continue endpoint. If this is not done, Auth0 will lose the context of the login transaction, and the user will not be able to log in due to an invalid_request error. [Reference: Redirect Users from Within Rules]
With that, could you please clarify what you intend to do with the dynamic query parameter? Would it be possible to append this information as a custom claim that you can decode later?
The dynamic parameter is actually a value being passed from one site to another after the authentication process.
And, yes, thank you for the mention, since my backup alternative was indeed the custom claim approach and I guess I will be going forward with it.