I’ve looked at all the recent topics (see references) on this and they don’t seem to answer this question for SPA apps. I want to use universal login with React SDK but custom sign up via api with auto login after sign up.
The auth0-js sdk allows login but I cannot bridge that authentication state into my SPA application via the SDK due to the requirements in the sdk library. This is because of the code_challenge and nounce security implemented here. auth0-spa-js/src/Auth0Client.ts at 8653181d23ecea17729da203253d4fa4d17d8ef6 · auth0/auth0-spa-js · GitHub
Is it theoretically possible to get around this challenge by making prepareAuthorizeUrl public and mimicing the nounce + state with authenticating auth0-js and localStorage transactionManager?
Right now I can login automatically with auth0-js but I get an invalid state on handleRedirectCallback() in the spa sdk.
What solution would you recommend to get immediate login after signup?
References