Disable the Consent Screen for Profile when Logging into Auth0 Applications

Last Updated: Oct 8, 2024

Overview

This article explains whether users who sign up, or who are migrated from another database, can log in to their applications for the first time without being shown the one-time authorization (consent) prompt for the Profile.

Applies To

  • Consent Screen for Profile
  • Auth0 Applications

Cause

Only first-party applications can skip the consent dialog, and only if the API they are trying to access on behalf of the user has the “Allow Skipping User Consent” option enabled.

Solution

Follow the steps or video below:

The solution will depend on whether the audience is a Custom API or the Management API.

Audience is a Custom API

If the audience matches any Custom API from the tenant, the “Allow Skipping User Consent” option for that API can be enabled.

  1. From the left-hand menu within the Dashboard, navigate to Applications > API > {name-of-api}.
  2. Scroll down towards the bottom of the page until the “Allow Skipping User Consent” option appears.
  3. Toggle this option to the green (“on”) position.

Audience is the Management API

If the audience is the Management API, it is possible to determine whether an application is registered with Auth0 as a first-party or third-party application by making a call to the Get-a-Client endpoint.

curl --request GET \
  --url 'https://{yourDomain}/api/v2/clients/{yourClientId}?fields=is_first_party&include_fields=true' \
  --header 'authorization: Bearer {yourMgmtApiAccessToken}'

  1. Get an access token for use with the Management API.
  2. Call the Get-a-Client endpoint shown above, providing details of the Domain, Client_ID, and the Management API Access Token.
    The outcome of this call will show either:
    • If the application is first-party, the is_first_party field will have a value of true.
    • If the application is third-party, the is_first_party field will have a value of false.

In a similar fashion, the is_first_party field can be updated by making a call to the Update-a-Client endpoint.
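The two conditions from the Cause section can be checked together when diagnosing why a consent prompt still appears. The following is an added example, not Auth0's own code: it builds the Get-a-Client request shown above and lists the reasons consent would still be shown. It assumes the Management API resource-server field `skip_consent_for_verifiable_first_party_clients` is the setting behind the “Allow Skipping User Consent” toggle, and it goes beyond the article by also flagging `localhost` redirect URIs, which Auth0 documents as never being a verifiable first party. The function names and sample records are hypothetical.

```python
import json
import urllib.request
from urllib.parse import quote, urlencode, urlsplit


def get_client_request(domain, client_id, token):
    """Build the article's Get-a-Client call, requesting only is_first_party."""
    query = urlencode({"fields": "is_first_party", "include_fields": "true"})
    url = f"https://{domain}/api/v2/clients/{quote(client_id, safe='')}?{query}"
    return urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})


def fetch_is_first_party(domain, client_id, token, opener=urllib.request.urlopen):
    """Return the is_first_party flag; `opener` is injectable for offline tests."""
    with opener(get_client_request(domain, client_id, token)) as resp:
        return bool(json.load(resp)["is_first_party"])


def consent_blockers(client, api, redirect_uri):
    """List every reason the consent dialog would still be shown."""
    reasons = []
    if not client.get("is_first_party", False):
        reasons.append("client is third-party (is_first_party is false)")
    if not api.get("skip_consent_for_verifiable_first_party_clients", False):
        reasons.append('API has "Allow Skipping User Consent" disabled')
    # Assumption from Auth0 documentation, not from the article above:
    # localhost is never treated as a verifiable first party.
    if urlsplit(redirect_uri).hostname == "localhost":
        reasons.append("redirect URI is on localhost, which is never verifiable")
    return reasons


if __name__ == "__main__":
    # Constructed sample records shaped like Management API responses.
    client = {"client_id": "CONSTRUCTED_CLIENT_ID", "is_first_party": True}
    api = {"identifier": "https://api.example.test",
           "skip_consent_for_verifiable_first_party_clients": False}
    for reason in consent_blockers(client, api, "http://localhost:3000/callback"):
        print("consent shown:", reason)
```

An empty list from `consent_blockers` means none of the checked conditions would force the consent dialog.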
