Greetings again, @dawid.matuszczyk @rueben.tiow
The question is, that is this code from my action legit, becasue I always receive Invalid Redirect URL when launching my post-login action:
exports.onExecutePostLogin = async (event, api) => {
if (event.user.app_metadata["demo_account"] === true &&
event.user.app_metadata["had_demo"] === false &&
event.user.app_metadata["demo_expired"] == false &&
event.user.app_metadata["db_record"] === false) {
const id = event.user.user_id;
const email = event.user.email;
const state = event.transaction?.state
api.redirect.sendUserTo(`${event.secrets.MAIN_DOMAIN}/verify?auth0Sub=${id}&email=${email}&state=${state}`);
}
};
exports.onContinuePostLogin = async (event, api) => {
const state = event?.transaction?.state
api.user.setAppMetadata("db_record", true);
api.redirect.sendUserTo(`${event.secrets.AUTH0_ISSUER_BASE_URL}/continue?state=${state}`);
};
The reason I don’t understand the error, that when I simply copy-paste the url from the ExecutePostLogin function, it just works, but when launching through Auth0 tenant url, it’s not working.
What am I missing here?
Help is much appreciated!
Hi @csokan.raul89,
The error you experienced seems to originate from the redirect URL you used.
I am unable to verify what values you have set for your event.secrets.MAIN_DOMAIN
; however, the error indicates that there is an issue with the URL that you are trying to redirect to.
In this situation, I recommend ensuring that the URL is valid by debugging it with console.log()
statements and using the Real-time Webtask Logs Extension during a regular login flow.
Please also ensure that your URL includes http://
or https://
prepended in the URL.
Thanks,
Rueben
Well, the MAIN_DOMAIN should be http://localhost:3000 and the AUTH0_ISSUER_BASE_URL is my tenant address.
Here’s what I get in the browser:
In the URL bar it’s my tenant address with the authorize endpoint and other parameters,
while instead of the page this is what i get:
Invalid redirect URL http://localhost:3000/verify?auth0Sub=REDACTED_USER_ID&email=REDACTED_EMAIL&state=REDACTED_STATE
And I noticed that state value is the same as it was yesterday when I tried it.
The main idea that occurred to me right now, is that to redirect the user from the post-login action to this custom verification page with the user_id and email as parameters and create a database record out of it, then inside this custom page i add a redirect command to the AUTH0 tenant address with the continue endpoint + the state extracted from the previous step, ubt no lcuk either.
Hi @csokan.raul89,
Have you had a chance to use the Test button within the Auth0 Action interface?
I just tried testing your URL http://localhost:3000/verify?auth0Sub=REDACTED_USER_ID&email=REDACTED_EMAIL&state=REDACTED_STATE
in a post-login action script interface and did not get an invalid redirect URL error.
Yes, you have understood this correctly. After redirecting the user, you must send them back to the /continue?state=YOURSTATE
endpoint to resume the authentication flow.
1 Like
@rueben.tiow I don’t know why did I get this invalid redirect URL in Nextjs, but I fogured out another way to obtain access tokens and store thrm and save metadata into the users Auth0 profile.
I only use pre-registration flow and after obtaining access tokens i created a custom page which saves specific data for the user profile.
Yet, i will take some time to explore why did i get that error.
For reference, i had misspelled the tenant url, but even afte tixing it the error still occured, so i still want to look into this later.
May I ask what was your approach in the testing?
Hi @csokan.raul89,
Thanks for the update.
Aha, it makes sense that a misspelled URL was causing an error as well.
When you navigate to your Action script on the Dashboard > Actions > Triggers > pre-user-registration and select your Action script, on the script interface, there is a Test button as shown in my previous reply’s screenshot.
On there, you can test your action script without going through a sign up flow. This way, you can debug your action script and ensure it works correctly before deployment.
Let me know if you still encounter issues.
Thanks,
Rueben