We’re workin on implementing a domain whitelist similar to this template: auth0/opensource-marketplace/blob/main/templates/simple-domain-allowlist-POST_LOGIN/code.js /** * Handler that will be called during the execution of a PostLogin flow. * * --- AUTH0 ACTIONS TEMPLATE https:/…

Ahh, I needed to pass the client_id parameter so it knows which app to use for a logout whitelist. The following solution is working now: api.redirect.sendUserTo(`https://${event.tenant.id}.us.auth0.com/v2/logout`, { query: { client_id: event.client.client_id, returnTo: `${event…

Custom Action: user stays logged into Auth0 after api.access.deny

Help

tyf September 5, 2024, 11:12pm 3

Hey there @mcantrell !

As api.access.deny does not end any existing session, you’ll also want to log users out in order to avoid the loop you’re experiencing. Please see the following post:

Topic		Replies	Views
Redirect Users After Denying Registration Help login , redirect , actions	2	2718	October 27, 2022
Disable login before email verification Help email-verification , user-management	6	4329	January 24, 2023
How to handle access denied response Help login-experience , login-prompt-new-experience	5	839	August 7, 2024
Can't control access to pages using actions? Help	6	2626	December 22, 2022
Login / Post Login Action: api.access.deny in onExecutePostLogin produces infinite loop Help classic-universal-login-experience , login-experience	6	1373	May 5, 2023

Custom Action: user stays logged into Auth0 after api.access.deny

Related topics