- I’m using oauth2-proxy to redirect users into auth0, this works.
- Auth0 if confi\gured with a Authentication/Social to authenticate to cilogon.org, this works.
- I have 2 actions created one for cilogon.org to work and the other to validate roles in auth0, this works.
When oauth2-proxy redirects to dev-me.us.auth0.com/authorize?state=... I’m prompted with a “Sign in with CILogon” button. I want to skip this superfluous step and go straight to CILogon.
I noted this related thread but the solution there hasn’t made any change to me: Button before login auth0
The 302 redirect to auth0 is this URL, it’s to /authorize as described in the thread above.
The sequence of redirects from my webserver to auth0 is as follows:
dev-me.us.auth0.com/authorize?approval_prompt=auto&client_id=<obfuscated>&redirect_uri=https%3A%2F%2Fauth.braingeneers.gi.ucsc.edu%3A8443%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=<obfuscated>%3Ahttps%3A%2F%2Fwhoami.braingeneers.gi.ucsc.edu%2F
After my web server 302-redirects to auth0, auth0 produces a 302 redirect to:
dev-me.us.auth0.com/login?state=<obfuscated>&protocol=oauth2&approval_prompt=auto&redirect_uri=https%3A%2F%2Fauth.braingeneers.gi.ucsc.edu%3A8443%2Foauth2%2Fcallback&response_type=code&scope=openid%20email%20profile
I tried playing with approval_prompt, it was set to “forced” by default, I tried “auto” (per a claude.ai debug thread) as well as other obvious things like “false”.
I’m not sure what’s causing the login button on auth0 to display prior to the redirect to “social” cilogon org.
