How to login without redirecting to universal login

Good day everyone. I have been working on this feature when if the user tries to signup but already has an existing account, the user would instead be logged in to the application.

Scenario:
We have a universal login, a separate signup page, and an app. The signup page uses auth0.js while the app uses nuxt-auth.

Expected:
When on the signup page, if the user signed up using Google social login but already has an existing account, the user should be logged in to the application on a different subdomain.

Actual:
When using the signup page, the user is instead redirected to the app and then back to the universal login. When you click the Google social login, there is no need for the user to enter his account since the user has already the necessary token to log in. The user is just not being logged in to the application so there is an undesired action of clicking the button.

Implementation:
We implemented the redirect from the action flow.

Other observation:
In the monitoring logs, the login from the social button ends at success exchange, and no success login is showing up.

Hi @timothyIG,

Welcome to the Auth0 Community!

Before we proceed, I wanted to mention that allowing your users to automatically log in if they attempt to sign up with an existing account may introduce security risks and vulnerabilities from user enumeration attacks.

Because the signup process shows the WE'RE SORRY, SOMETHING WENT WRONG WHEN ATTEMPTING TO SIGN UP. error message when a user tries to sign up with an existing email address, it does not take account of the user’s password in this check. So, if we implement automatic login at this stage, an attacker can log in only by knowing the user’s email address.

Perhaps, I may have misunderstood, so if that is the case, could you please clarify further what you intend to do?

I look forward to your response.

Thank you,
Rueben