/authorize's "prompt" parameter not documented

I’m working with OIDC Silent Authentication, and the tutorial describes using the “prompt” parameter on the /authorize API: Configure Silent Authentication

However I can’t find out any more about this parameter - it’s not mentioned in the reference documentation, as far as I can tell:
https://auth0.com/docs/api/authentication#social
I’d like to know what happens if you set it to “true” or don’t send it. Can this be documented?

Welcome Back, Davidread!

The prompt parameter is documented here.

The possible values for the prompt are

  1. prompt=none (a.k.a Silent Authentication)
  2. promp=login
  3. No prompt parameter sent

When using prompt=none if there isn’t a valid session, Auth0 returns an error message error_description=Login required as documented here. If there is a valid Auth0 session, the user gets SSOed in as described here.

In no-prompt cases, the user is redirected to the login page if there isn’t a valid session. If there is a valid session, the user will be redirected to the application callback URL with the code or token, depending on the authentication flow details.

When prompt=login is used, the user is forced to log in irrespective of whether a valid auth0 session exists or not.

2 Likes

Thanks a lot for sharing that knowledge @sandeep.neerarambham!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.