We have a post-login action that will use
api.access.deny to block users if they try to log in with a certain email domain. They get redirected to an error page, but when they try to go back to the login screen to enter their correct credentials, they are immediately routed back to the error page. How can we get the login screen to reappear for these users?
The reason you’re being immediately redirected to your application’s callback URL is because Rules and Post-Login Actions execute after a successful login. So the user authenticates, is then blocked by your Rule or Action, and the
access_denied response is returned to your application. This blocked user has an active Auth0 session.
To kill your session, you’ll need to redirect to the /v2/logout endpoint if you wish to attempt another login again; otherwise, Auth0 will see their session, execute the Action, and return them automatically to your Application’s callback with the