Error encountered when pressing back button

How can I solve this issue when pressing the back button?
Steps:

  1. login using google account, and pretend to login incorrect account
  2. Unauthorized page will display
  3. click the back button of the browser and login the correct account

Hi @dev40,

Thanks for reaching out to the Auth0 Community!

I understand that you encountered a situation where clicking the back button led to an error page.

This happens when the login transaction no longer exists after pressing the back button.

In this situation, I suggest configuring a Default Login Route for your application by going to your Auth0 Dashboard > Settings > Advanced settings and including your Login URI. Please do not forget to save your changes.

Once that is complete, your users should be able to return to the login page when pressing the back button.

See our Configure Default Login Routes documentation to learn more.

Please let me know if there’s anything else I can do to help.

Thank you.

Hi @rueben.tiow , I already defined a URL but it is still happening. Is there any other solution?

Hi @dev40,

Thank you for your response.

I have not been able to reproduce your observations. Instead, I was able to press the back button and redirect my user to the default login page.

With that, could you please share the URL you defined?

Please make sure to hide any sensitive information.

Thank you.

@rueben.tiow I tried TAP Customer Portal and it is not working.

Hi @dev40,

Thank you for your reply.

I have inspected your default login URL and noticed that the URL may need to point to the login route to redirect the users back to the authorize endpoint (login page).

Given that, could you please try saving your default login route with /login and see how that works?
(e.x https://hub-test.myapp.co.nz/haven/login)

Please let me know how this works for you.

Thank you.

@rueben.tiow I tried TAP Customer Portal but it is still not working :frowning:

1 Like

Hi @dev40,

Thank you for your update.

There is one final recommendation I could offer, which is to directly set the /authorize endpoint as your default login URI.

The default login URI pointing to your /authorize endpoint would look something like the following:

https://YOUR_DOMAIN/authorize?
    response_type=code&
    client_id=YOUR_CLIENT_ID&
    redirect_uri=https://YOUR_APP/callback&
    scope=SCOPE&
    state=STATE

This way, whenever a user presses the back button, they are immediately directed to your application’s login page.

Please let me know how this works for you.

Thank you.

I resolve this type of issue with people pressing the Back button by clearing the browser state (for the Back button) once they’ve reached my page with something like:

window.history.replaceState({}, "", window.location.origin + "/");

or where ever you’d prefer them to end up on a Back operation. If you want it to just stay where you are, you can of course use:

window.history.replaceState({}, "", window.location.origin + window.location.pathname);

See the documentation for window.history and in particular the state-related calls, and window.location.

@rueben.tiow in the Tenant and Application settings located in the dashboard, it does not accept this format. It response ““Tenant Login URI” must be a valid uri with a scheme matching the https pattern”

Hi @dev40,

Thank you for your reply.

I have tested your observations and could reproduce the same message only when passing a http URL.

Seeing that, could you please double check that your default login URI points to a https URL?

If you continue to have errors, could you please screenshot your tenant setting page with the error? And could you also please share the complete URL you are using?

Thank you.