Authorize App Screen Showing Wrong Domain

Hello!

I’m new to Auth0 and just setting up my first app using it. However, something is confusing me about the consent screen shown below.

I expect it to say that it is requesting access to my Google account. However, it is requesting access to an account at my Auth0 domain, instead. This doesn’t seem accurate since the Google account I’m using to test has nothing to do with my Auth0 account. I also feel like this could be confusing for users who see a strange domain rather than Google. Can someone please explain why this consent screen appears this way?

Hi @hansonec207,

Welcome to the Auth0 Community!

I have just checked the users on your tenant and confirmed that the user in your screenshot facing the consent screen is a Google-connection user. Their email address contains ‘@gmail.com,’ and the app was seeking consent to access your dev tenant. Everything seems normal and is functioning as expected.

If you wish to change the name displayed for the account it is accessing, you can set a Friendly Name in the tenant settings. You can find more information about this here for clarity.

Additionally, I observed that in your API settings (ID: 6554f5b0393c9a6dc9dc7227), you have enabled the Allow Skipping User Consent toggle. Just to clarify, enabling this toggle will skip the consent screen.

Please let me know if you have any questions.

Thanks,
Rueben

Hi Reuben,

Thanks for the response! I think where my confusion comes from is that this message reads as if my app is asking for information about K’s account at my tenant domain, but K does not have an account at my tenant domain. My worry is that when I go live, users will see a screen like this and see that it is requesting permission from a domain they’ve never seen, rather than from Google as expected. From a user perspective, I would expect it to say that my app is asking for permission to access their Google account, not my tenant.

Actually, I think I figured out the source of the issue. I’m developing on localhost, which looks like it will always show this consent screen. Once I go live and am using a production, first-party application, this screen should no longer appear, from what I understand.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.