I’m working with OIDC Silent Authentication, and the tutorial describes using the “prompt” parameter on the /authorize API: Configure Silent Authentication
However I can’t find out any more about this parameter - it’s not mentioned in the reference documentation, as far as I can tell: https://auth0.com/docs/api/authentication#social
I’d like to know what happens if you set it to “true” or don’t send it. Can this be documented?
When using prompt=none if there isn’t a valid session, Auth0 returns an error message error_description=Login required as documented here. If there is a valid Auth0 session, the user gets SSOed in as described here.
In no-prompt cases, the user is redirected to the login page if there isn’t a valid session. If there is a valid session, the user will be redirected to the application callback URL with the code or token, depending on the authentication flow details.
When prompt=login is used, the user is forced to log in irrespective of whether a valid auth0 session exists or not.