Invalid redirect URL even if state paramater addedd

Greetings again, @dawid.matuszczyk @rueben.tiow

The question is, that is this code from my action legit, becasue I always receive Invalid Redirect URL when launching my post-login action:

exports.onExecutePostLogin = async (event, api) => {
  if (event.user.app_metadata["demo_account"] === true && 
   event.user.app_metadata["had_demo"] === false && 
   event.user.app_metadata["demo_expired"] == false && 
   event.user.app_metadata["db_record"] === false) {
    const id = event.user.user_id;
    const email = event.user.email;
    const state = event.transaction?.state
    api.redirect.sendUserTo(`${event.secrets.MAIN_DOMAIN}/verify?auth0Sub=${id}&email=${email}&state=${state}`);
   }
};

exports.onContinuePostLogin = async (event, api) => {
  const state = event?.transaction?.state
  api.user.setAppMetadata("db_record", true);
  api.redirect.sendUserTo(`${event.secrets.AUTH0_ISSUER_BASE_URL}/continue?state=${state}`);
};

The reason I don’t understand the error, that when I simply copy-paste the url from the ExecutePostLogin function, it just works, but when launching through Auth0 tenant url, it’s not working.

What am I missing here?

Help is much appreciated!

Hi @csokan.raul89,

The error you experienced seems to originate from the redirect URL you used.

I am unable to verify what values you have set for your event.secrets.MAIN_DOMAIN; however, the error indicates that there is an issue with the URL that you are trying to redirect to.

In this situation, I recommend ensuring that the URL is valid by debugging it with console.log() statements and using the Real-time Webtask Logs Extension during a regular login flow.

Please also ensure that your URL includes http:// or https:// prepended in the URL.

Thanks,
Rueben

Well, the MAIN_DOMAIN should be http://localhost:3000 and the AUTH0_ISSUER_BASE_URL is my tenant address.

Here’s what I get in the browser:
In the URL bar it’s my tenant address with the authorize endpoint and other parameters,
while instead of the page this is what i get:

Invalid redirect URL http://localhost:3000/verify?auth0Sub=REDACTED_USER_ID&email=REDACTED_EMAIL&state=REDACTED_STATE

And I noticed that state value is the same as it was yesterday when I tried it.

The main idea that occurred to me right now, is that to redirect the user from the post-login action to this custom verification page with the user_id and email as parameters and create a database record out of it, then inside this custom page i add a redirect command to the AUTH0 tenant address with the continue endpoint + the state extracted from the previous step, ubt no lcuk either.

Hi @csokan.raul89,

Have you had a chance to use the Test button within the Auth0 Action interface?

I just tried testing your URL http://localhost:3000/verify?auth0Sub=REDACTED_USER_ID&email=REDACTED_EMAIL&state=REDACTED_STATE in a post-login action script interface and did not get an invalid redirect URL error.

Yes, you have understood this correctly. After redirecting the user, you must send them back to the /continue?state=YOURSTATE endpoint to resume the authentication flow.

1 Like

@rueben.tiow I don’t know why did I get this invalid redirect URL in Nextjs, but I fogured out another way to obtain access tokens and store thrm and save metadata into the users Auth0 profile.

I only use pre-registration flow and after obtaining access tokens i created a custom page which saves specific data for the user profile.

Yet, i will take some time to explore why did i get that error.
For reference, i had misspelled the tenant url, but even afte tixing it the error still occured, so i still want to look into this later.

May I ask what was your approach in the testing?

Hi @csokan.raul89,

Thanks for the update.

Aha, it makes sense that a misspelled URL was causing an error as well.

When you navigate to your Action script on the Dashboard > Actions > Triggers > pre-user-registration and select your Action script, on the script interface, there is a Test button as shown in my previous reply’s screenshot.

On there, you can test your action script without going through a sign up flow. This way, you can debug your action script and ensure it works correctly before deployment.

Let me know if you still encounter issues.

Thanks,
Rueben