Deleted user can log in and redirected to call-back page with #error in url

Deleted user can log in and is being redirected to callback page with error in url #error=unauthorized&error_description=Access%20denied.&state
I would rather expect universal login form would handle it for me and will show warning message that login is forbidden or something like that.
In my case it causes an infinite loop of redirects because of consequent call of checkSession redirects back to callbackpage with #error instead of passing error as callback param here

webAuth.checkSession({
nonce: ‘1234’,
}, function (err, authResult) {

});

I wasn’t able to recreate this, a deleted user acts the same as a user that does not exist for me. Can you DM me your tenant name so I can take a look at the logs.

1 Like