Auth0 Home Blog Docs

Is rule redirect state visible from with rule?


#1

Hi folks. Hoping someone here can help me.

Question: Is the state value that will be passed in redirects available to a rule that is setting the context.redirect.url value?

Context:

I am trying to implement a rule to enforce first time login password change using the out of the box hosted password change page. I am successfully getting a password change ticket and setting it in context.redirect.url and am correctly redirected to the password change page.

However, I am trying to set the result_url parameter of the createPasswordChangeTicket API to what I expect the login continue URL to be (eg: “https://tenant.auth0.com/continue?state=” + (context.request.query.state || context.request.body.state) ) but the returned state value does not match the state value that is returned does not match the state that continue expects.

Right now if I don’t use result_url and let the password change page notify of the change internally then it works, but then the user needs to navigate back to the login page manually which is undesirable. I’m also concerned about the impact of initiating rule redirects that never callback to /continue in our production solution.


#2

Hey @brad.ollis

As it has been more than a few months since this topic was opened and there has been no reply or further information provided from the community as to the existence of the issue we would like to check if you are still facing the described challenge?

We are more than happy to assist in any way! If the issue is still out there please let us know so we can create a new thread for better visibility, otherwise we’ll close this one in week’s time.

Thank you!


#4

This topic was automatically closed 6 days after the last reply. New replies are no longer allowed.