Clever integration, OAuth2.0

We have a web app that is successfully integrating with Google using authorization code grant.
My client wants us to integrate with Clever, an education provider.
Logging in from our Auth0 login page works fine, but to certify with Clever it needs to be launched from their platform. What it looks like they do is initiate a login against Clever and redirect to the callback url. The problem with this is no Auth0 cookies have been set so we see the message

" You may have pressed the back button, refreshed during login, opened too many login dialogs, or there is some issue with cookies, since we couldn’t find your session. Try logging in again from the application and if the problem persists please contact the administrator."

Is there any way around this?

Hi Mark,

For the scenario you described, Clever and your app, both needs to trust the same Identity Provider. When the user login in Clever for first time, the authentication session is established in the Identity Provider for first time (so the cookies are set). Once the user is authenticated there, it should be able to launch any application from there that trust the same identity provider without being prompted for credentials (as the authentication cookies are already set in the browser).

Identity Provider in your scenario could be Google (with Auth0 acting as broker) or Auth0 directly, but your app and Clever must use the same. For the former, the user will see the Auth0 login page when he lands on your website, and he will have to select Google from the social providers.

1 Like

Thanks for sharing that knowledge!