I’ve set up an ADFS connection, and would like to skip the user consent prompt that displays the first time a user signs in. I’ve found a few solutions for this if a custom API is configured for the audience (https://community.auth0.com/questions/286/how-do-i-skip-the-consent-page-for-my-api-authoriz), but nothing that addresses the issue for the default configuration (https://auth0.com/docs/quickstart/spa/angularjs#configure-angular-auth0). Is this possible with the audience set to ‘https://my-tenant.auth0.com/userinfo’?
/userinfo audience should not force the consent screen to be shown by itself (at the time the post you linked was written it did force it, but that has changed) so can you confirm that you’re not getting the consent screen because of the point that is applicable no matter the API setting; in particular, if you’re using a
localhost origin for development purposes the consent screen will be shown no matter the setting at the audience level (as mentioned in that post).
Thanks for the response @jmangelo. I’m seeing this on the deployed version of the site.
localhostis not in the allowed callback URLs specified in the client settings.
Can you ensure that the client application in question is marked as a first-party client (see this how-to). If it’s not explicitly marked as a first-party can you perform an update to the client settings and set that field explicitly (you’ll have to do the update through the Management API).
That was it! Checked the API response you suggested and it was not returning an
is_first_party field. Updated it to
true and the consent prompt no longer shows up. Thanks for the help.