Hosted login page: url parameters no longer work

We have been using the hosted login page succesfully for a while now. We open the login page from an Android/iOS app and use the respective Auth0.OidcClient (1.0) to pass along some parameters (“extraParameters”).

We have implemented some custom code in the hosted login page that translates the page and adds some branding (colors/logo) based on these parameters.

Yesterday this suddenly stopped working without any changes on our end. First on one Auth0 subscription, and later on our other Auth0 subscription.

The url parameters are no longer getting passed, so they are not available in the login page. As a result our translations/branding is now broken.

I’ve tried with different versions of Lock.js (10.11 and 11.4) and even without any custom code in the hosted login page. The same problem occurs in all situations, on both Android (chrome) and android (safari).

Did you roll-out any changes that could have caused this issue?

Please advice.

The use of extra parameters that are not standard when initiating an OIDC/OAuth 2.0 authentication request is discouraged, however, I did a quick test and a call to /authorize that included an additional x_custom parameter and required end-user authentication (a redirect to /login) still made the x_custom parameter available in the hosted login page code through config.extraParams.

Thanks! We were trying to parse the parameters directly from the url, which used to work, but using config.extraParams indeed works fine.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.