I understand the Hosted login page would be able to retrieve query parameters that are passed to auth0’s /authorize endpoint.
I wonder if these parameters can somehow be passed to Rules after a successful authentication and authorization. I am missing this link to authorize a user based on a given “custom attribute”. This custom attribute will helps us to derive the user’s permissions in rules. I want to be able to pass on the custom attribute from Hosted Login Page as a parameter to /authorize end point. Is this even possible?
You should be able to access parameters in Rules from the context.request object.
For example, if you had a parameter called foo with a value of bar being passed you could access it like this:
var foo = context.request.query.foo;
Do note If you are calling the /authorize endpoint it is not recommended to send custom parameters. So if you were passing something actually called foo this would be a non-OIDC compliant parameter. Although the parameter still gets passed, there will be a warning present since we cannot guarantee this will work in the future.
Thanks for responding. I got a similar response from Auth0’s customer support. I guess I’d have to stick with OIDC complaint parameters for /authorize endpoint.
2 Likes