Auth0 Home Blog Docs

Hide Request Parameters of Hosted Login Page

lock
login
hosted-login-page

#1

Is there a way use the hosted login page without having to send request parameters using GET? I recently switched from using embedded lock to using the hosted login page in order to be able to call authorize with custom audience. All works well, however I am not very happy with the verbose request string.


#2

To my knowledge that is currently unavoidable and the request parameters will have to be present in the query component.


#3

Ok. The solution would be to wait for the lock widget to support API authorization then.


#4

Ok. The solution would be to wait for the lock widget to support API authorization then.


#5

Lock 10.22+ supports cross-origin authentication which would allow to do embedded authentication (in the client application itself) while also making an authorization request (aka audience parameter). You should check the cross-origin docs to see if that would answer your requirements.


#6