I have an old app located on portal.website.com written in old tech. Now I am rewriting part by part to Angular+dotnet api that will be located on account.website.com. All is hosted on Azure.
Crucial requirement from operations is seamless transition for users from portal to account. I have read documentation and read about seamless but when I did first test on local I got prompted to Authorize App, despite both apps being my First-Party. I am using Sample App provided by Auth0 for testing.
Then I googled and discovered that localhost is always considered to be third party. So I then altered my hosts file on windows dev machine, created personal certificate just to “fake” real site, but I got prompted Authorize App again. I saw that for API I can enable “Allow Skipping User Consent” but there is no such setting unfortunately on Applications. I did remove local hosts from Allow Origins Logout and other fields.
I am currently trying to deploy Angular Sample 01 on Azure but it is building for roughly 3 hours and still not done. Any suggestions or help on disabling Authorize App?
EDIT: I have deployed it to azure, but it does have different domain (azurewebsite.net vs azurestaticweb.net) than the original if that might be a problem, and I am getting prompted again I did not try on production environment where I would have same URL but different subdomain.
You should be able to bypass the Authorize App prompt if you have a first party app. It sounds like you have tested the main possible causes, but I’ll reiterate them here to double check:
- App has the flag for a third party app
- The app is deployed on
- The app’s Allowed Callback URL configuration includes a
- The Allow Skipping User Consent option is disabled on any registered APIs for that application.
Otherwise, I’d be happy to take a look at your settings if you DM me your tenant name and ID of the effected client. Thank you.
Ok, Dan solved this issue on DMs.
It had two possible solutions:
First one is: Do not send Audience parameter if you do not need it(that is my case)
Other one is: Enable Allow Skipping User Consent for Management API if you do use it
All in all that was the tiny trick and it was solved simply in the end, when you talk to someone who knows his job well.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.