Looks like this issue was never resolved. We are also running into the same thing as @matt15. Users mistakenly login with the wrong Google account. We have an Action to allowlist only certain email domains. The user becomes gated from the application due to this Action, but the Universal Login screen keeps authorizing-ing them based on the same [incorrect] Google account. There is no option to change accounts.
Here’s the snippet of our Universal Login page code, where we are attempting to pass a prompt
to the authorize call, as is suggested above. I don’t see this as a valid prompt in the webAuth.authorize documentation. Is there a way to do this with Universal Login?
var params = Object.assign({
overrides: {
__tenant: config.auth0Tenant,
__token_issuer: config.authorizationServer.issuer
},
domain: config.auth0Domain,
clientID: config.clientID,
redirectUri: config.callbackURL,
responseType: 'code'
}, config.internalOptions);
var webAuth = new auth0.WebAuth(params);
var captcha = webAuth.renderCaptcha(
document.querySelector('.captcha-container')
);
function loginWithGoogle() {
webAuth.authorize({
connection: 'google-oauth2',
prompt: 'select_account'
}, function (err) {
if (err) displayError(err);
});
}