Last Updated: Oct 8, 2024
Overview
This article clarifies whether it is possible for users who are signing up or are migrated from another database to seamlessly log in to their apps for the first time without having a one-time authorization for the Profile.
Applies To
- Consent Screen for Profile
- Auth0 Applications
Cause
Only first-party applications can skip the consent dialog, but only if the API they are trying to access on behalf of the user has the “Allow Skipping User Consent” option enabled.
Solution
Follow the steps or video below:
The solution will depend on whether the audience is a Custom API or the Management API.
Audience is a Custom API
If the audience matches any Custom API from the tenant, the “Allow Skipping User Consent” option for that API can be enabled.
- From the left-hand menu within the Dashboard, navigate to Applications > API > {name-of-api}.
- Scroll down towards the bottom of the page until the “Allow Skipping User Consent” option appears.
- Toggle this option to the green (“on”) position.
Audience is the Management API
If the audience is the Management API, it is possible to determine whether an application is registered with Auth0 as a first-party or third-party application by making a call to the Get-a-Client endpoint.
curl --request GET \
  --url 'https://{yourDomain}/api/v2/clients/{yourClientId}?fields=is_first_party&include_fields=true' \
  --header 'authorization: Bearer {yourMgmtApiAccessToken}'
- Get an access token for use with the Management API.
- Call the Get-a-Client endpoint shown above, providing details of the Domain, Client_ID, and the Management API Access Token.
The outcome of this call will show either:
- If the application is first-party, the is_first_party field will have a value of true.
- If the application is third-party, the is_first_party field will have a value of false.
In a similar fashion, the is_first_party field can be updated by making a call to the Update-a-Client endpoint.
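The two conditions described above (a first-party application, and an API with “Allow Skipping User Consent” enabled) can be checked together across a tenant. The following is an added example, not code from the original article or from Auth0: the function names and sample data are constructed, and the resource-server field skip_consent_for_verifiable_first_party_clients is assumed to be the Management API field behind the Dashboard toggle.

```python
import json
import urllib.parse
import urllib.request

# Assumed Management API field behind the "Allow Skipping User Consent" toggle.
SKIP_FIELD = "skip_consent_for_verifiable_first_party_clients"

def fetch_client(domain, client_id, mgmt_token):
    """Get-a-Client call from the article; returns the body plus the client_id."""
    url = "https://{}/api/v2/clients/{}?fields=is_first_party&include_fields=true".format(
        domain, urllib.parse.quote(client_id, safe=""))
    req = urllib.request.Request(url, headers={"Authorization": "Bearer " + mgmt_token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return dict(json.load(resp), client_id=client_id)

def consent_outcome(client, api):
    """Return (consent_skipped, reason) for one application/API pair."""
    flag = client.get("is_first_party")
    if not isinstance(flag, bool):
        # Field absent or malformed: report it rather than guess.
        return (False, "is_first_party missing from response")
    if not flag:
        return (False, "third-party application")
    if api.get(SKIP_FIELD) is not True:
        return (False, "API does not allow skipping user consent")
    return (True, "first-party application and API allows skipping")

def audit(clients, apis):
    """List every application/API pair that will still show the consent dialog."""
    findings = []
    for client in clients:
        for api in apis:
            skipped, reason = consent_outcome(client, api)
            if not skipped:
                findings.append((client.get("client_id"), api.get("identifier"), reason))
    return findings

# Constructed sample data shaped like Management API responses (not real tenant output).
SAMPLE_CLIENTS = [
    {"client_id": "web-app", "is_first_party": True},
    {"client_id": "partner-app", "is_first_party": False},
    {"client_id": "legacy-app"},
]
SAMPLE_APIS = [
    {"identifier": "https://api.example.test/orders", SKIP_FIELD: True},
    {"identifier": "https://api.example.test/billing", SKIP_FIELD: False},
]

if __name__ == "__main__":
    print(*audit(SAMPLE_CLIENTS, SAMPLE_APIS), sep="\n")
```

Each row in the output is an application/API pair where users will still see the consent dialog, with the condition that caused it.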