We would like for a user to be redirected to an organization specific URL after completing the change password form in the standard Universal login experience.
The documentation states in order to have a user redirect after the form is completed we need to set a default login URL for the application or tenant. The complication is we have dedicated login urls for each organization. I see that {organization_name}
as a parameter is accepted in Allowed Callback URLs but not Login URI. Is there a way to accomplish this with the existing configuration options?
Hello!
You can’t directly use {organization_name} in the Auth0 Application or Tenant Login URI for redirection after password change. While you could try encoding the redirect in the state parameter (less ideal) or customizing the Universal Login page (more complex), the recommended approach is to have Auth0 redirect to a generic success callback URL in your application. Your application then identifies the user’s organization and performs the final redirect to the organization-specific URL. This keeps the Auth0 flow cleaner and centralizes redirect logic in your application.
Thanks for your feedback. I am curious about the Create a password change ticket endpoint)
I have included the organization_id in the body. According to the documentation when this is provided, " the redirect link in the prompt will include organization_id and organization_name query string parameters."
I am not seeing this and was wondering if you could elaborate on what to expect here?
I also am curious how we would go about updating the Universal login form? The only controls I see are relevant to branding like colors, fonts.
Constraint: We could not use Auth0’s one time password reset flow because not all of our users have emails
Solution:
Write application code to request a change password ticket url via the management API and return it on the to the client if a user needs a password reset (a flag in our db)
After password change in Auth0 actions use onExecutePostChallenge to redirect the user back to the organization login page
onExecutePostLogin will check if the user has reset their password and add this as a custom claim
Application will check this flag and update the user if they no longer need the password reset