Auth0 Home Blog Docs

Consent screen redirect strategy works with database users, but not with social connections

social-connections

#1

Hi there,

I followed https://auth0.com/docs/compliance/gdpr/features-aiding-compliance/user-consent/track-consent-with-lock#option-3-redirect-to-another-page and opted in for “Option 3” to cater for user-password, as well as social logins (Google, Facebook).

When using user/password, everything works flawlessly.

  1. User authenticates
  2. Redirect rule confirmed to be running and redirecting to legal consent page
  3. User agrees with legal terms and hits the /continue endpoint, including state parameter
  4. Redirect rule confirmed to be running and storing consent opt in to database
  5. Callback is happening and user is logged in

When using a social login provider to authenticate step 1-3 is happening as well, including the state parameter being attached to the /continue url parameters. Unfortunately though step 4 fails, as the rule is not running (I have a console.log on line 1 to confirm) and /code?state=xxx returns Unauthorized instead.

Any idea what I’m doing potentially doing wrong here? There’s nothing in the logs when step 4 fails… nothing on the global logs, nor on the rule logs.

Thank you,

Sascha


#2

Is it possible that you are using the “developer” (i.e. built-in) keys for the social providers?


#3

That’s indeed the case. I was already wondering if that could cause trouble here, but wouldn’t how/why? I only get a warning logged because of that, but no errors. I wanted to put my own credentials soon anyway, but would still be curious to understand why this is causing problems here if you can share :slight_smile:


#4

It’s mostly caused by the different domains involved (your Auth0 domain and a special domain, login.auth0.com, used as the recipient for all the dev keys callbacks) and the inability to share sessions. You can find a more complete explanation of what doesn’t work and why at https://auth0.com/docs/connections/social/devkeys.

Dev keys makes it easier to get the “A-ha!” moment, but unfortunately have some issues associated with them.


#5

Thanks for the great explanation Nicolas! I’ll change to my own keys next week :slight_smile: