Disabling silent re-authentication from angular app

emil2 · September 18, 2018, 9:27am

greetings,

I am trying to disable the silent re-authentication in an angular(6) app. I have followed the quickstart guidelines to integrate with auth0 and it works fine, however after calling the logout function and trying to log in again silent auth kicks in and I am not prompted for credentials any more.

I understand that’s a feature but I would like to disable it, I would like my users to be prompted back for credentials after each logout. I found some discussions online and tried to apply that advise, but it did not work.

Here is how I initialize the auth0 object in the AuthService:

auth0 = new auth0.WebAuth({
clientID: 'XXXXXXX',
domain: 'xxxxxxx.eu.auth0.com',
responseType: 'token id_token',
audience: 'https://xxxxxxx.eu.auth0.com/userinfo',
redirectUri: 'http://localhost:4200/callback',
scope: 'openid',
prompt: 'login'

});

My guess is either the value I pass to the prompt parameter is not right or the info I found online is outdated and this is not how I am supposed to do it.

Can anyone please advise?

thank you,
Emil

emil2 · September 18, 2018, 3:32pm

It took some digging in the auth0js source code but I found the solution. the prompt parameter needss to be passed to the “authorise” function, not when initializing WebAuth. As I am using angular, the “login” method from the AuthService, as described in the angular quickstart guide, becomes:

  public login(): void {
this.auth0.authorize({
  prompt: 'login'
});

}

system · October 18, 2018, 3:32pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.