Unfortunately, this is not possible. To ‘login the user’, Auth0 needs to create a session. The session cookie needs to be set by the authorization server, so it can’t be set from outside the tenant domain.
Also, it is considered an antipattern and security issue as per OWASP. OWASP
Once they have set their new password, the user should then login through the usual mechanism. Don’t automatically log the user in, as this introduces additional complexity to the authentication and session handling code, and increases the likelihood of introducing vulnerabilities.