I have had Google login enabled for some time as I develop a small project. Upon logout, calling https://AUTH0_DOMAIN/v2/logout
everything works as expected, cookies and storage are cleared.
Upon login, calling https://AUTH0_DOMAIN/authorize?response_type=code&audience=audience&client_id=$client_id&redirect_uri=redirect_uri/api/auth/callback&scope=openid%20profile%20email%20&state=state&nonce=nonce
everything works as expected, the user is taken to the Auth0 login, chooses Google and proceeds to select an account.
Today, without changing any other settings, I enabled GitHub and Twitter login and attempted to verify they were working correctly. Both login fine, however, there seems to be an issue after logout. They use the same code as Google login but once either GitHub or Twitter login has been used once, clicking ‘login’ will always skip the option to choose the identity provider and proceed to login with the last used provider.
The only way to get out of this state is to remove the created user from the Auth0 Dashboard. If this is not done, clicking ‘login’ will automatically log the user in with the identity provider selected previously. This behavior persists even if all application is cleared before doing so, leading me to believe something is not working as expected on the Auth0 side.
I have tried some of the solutions posted on this forum, including using a redirectTo
and client_ud
in the /logout
path, neither of these actually seem to be respected and intermittently return different status codes, 400 and 404.
Expected Flow (working with Google login):
- Click ‘login’
- Redirected to Auth0 lock page
- Social provider selected
- Authenticate with a social provider
- Redirect back to the application
- Logout (calling the Auth0
/logout
endpoint) - Repeat
Current flow (with GitHub and Twitter):
- Click ‘login’
- Redirected to Auth0 lock page
- Social provider selected
- Authenticate with a social provider
- Redirect back to the application
- Logout (calling the Auth0
/logout
endpoint) - Click ‘login’
- Auth0 proceeds to use the previously chosen social provider
- After a while, user is redirected back to the application with authentication complete
I’m a little lost as to where the problem could be here and would appreciate any guidance and input.