Hi! Let’s see if I can get some help with this scenario:
Given a tenant with Universal login disabled,
an integration with a 3rd party via OIDC
Once I trigger the call to action in the 3rd party platform to go to the OIDC, we’re transferred to an old-fashioned, non-customizable Auth0 form.
I know the obvious way to go would be to switch to Universal login, but since it is a whole-tenant setting and this tenant currently holds other production applications, this approach is not possible at the moment.
A custom login form working over lock.js is set in place, but if I set that as an Application login URI, it gets me nowhere.
Is there a way to force the application to use this login URI instead of the default Auth0 form view? Or any other workaround to get this default view customized (and not going through universal login)?
If I’ve understood the requirement here correctly, from your application you can direct the user to the specific OIDC connection by specifying the connection parameter in the /authorize request. This should bypass the UL prompt.
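The /authorize request with a `connection` parameter described in the reply above, as an added example that is not part of the original thread or Auth0's own code. The tenant domain, client ID, callback URL, connection name and the `allowedConnections` allow-list are placeholders and assumptions; the sketch also generates `state` and `nonce` and checks `state` on the callback.

```javascript
// Added example: build an Auth0 /authorize request that names the connection.
// All tenant, client and connection values passed in are caller-supplied placeholders.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

// Random hex value used for state and nonce.
function randomToken(bytes = 32) {
  const buf = webcrypto.getRandomValues(new Uint8Array(bytes));
  return Array.from(buf, (b) => b.toString(16).padStart(2, '0')).join('');
}

function buildAuthorizeRequest({ domain, clientId, redirectUri, connection, allowedConnections }) {
  // Only accept connection names the application itself knows about
  // (hypothetical allow-list), never a raw value taken from user input.
  if (!allowedConnections.includes(connection)) {
    throw new Error('connection not allowed');
  }
  const state = randomToken();
  const nonce = randomToken();
  const url = new URL(`https://${domain}/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    redirect_uri: redirectUri,
    scope: 'openid profile email',
    connection, // sends the user straight to this connection
    state,
    nonce,
  }).toString();
  // Store state and nonce in the user's session before redirecting.
  return { url: url.toString(), state, nonce };
}

// On the callback, reject any response whose state differs from the stored one.
function verifyCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  if (params.get('error')) {
    throw new Error(`authorization error: ${params.get('error')}`);
  }
  const state = params.get('state');
  if (!state || state !== expectedState) throw new Error('state mismatch');
  const code = params.get('code');
  if (!code) throw new Error('missing code');
  return code;
}
```
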
Thank you so much, Nathan, for your welcome and answer.
From my app, the issue is covered, since I can trigger different flows to end up in the 3rd party app, and your advice of calling the authorize endpoint will be helpful.
But unfortunately, this doesn’t cover the flow when I try to authenticate from the 3rd party. This is a standalone application that has its own users DB. We can create an OIDC connection to allow users from another source to be able to provision there.
The only information I can set up on the 3rd party when creating an OIDC connection is: Issuer, ClientId, ClientSecret and Metadata URL.
With this set, the 3rd party will show a button to allow authentication through external source, Auth0 in this case.
On the Auth0 side, I had to create a new application with the data the 3rd party provided: Login URI, Callback URL and Logout URL.
With this setup, the whole flow works when I initiate it on the 3rd party, but it gets me to the Auth0 login form.
What I tried is to use my own app login URL in the “Login URI” parameter, but it’s not working.
Hope I made myself clear, maybe it’s a tricky setup.