Issue with automatic login

I have an issue. Normally I am using just new universal login and everything is great.

Unfortunately, I have a requirement for extra flow. not to replace the default sign-up, but to add a parallel flow.

We have a special splash page where we send users from Facebook ads. On this page they have three options

signup using just email ( creates account without password, input email and submit )
signup using FB ( just button )
signup using Gmail. ( just button )

Unfortunately, because of quite specific layouts I cannot just send them to universal login. I have to do it in my express js app.

for social, is there maybe just a direct link I could use to auth0 app, that when user clicks goes directly to FB or Gmail permissions, basically the same functionality as I would go to universal and then click social button? If not are there any other options for that?

For the other one it’s a bit more problematic:

1. I need to enable passwordless login in universal app. I am not sure how to achieve that as I enabled passwordless connection as well as enabled it for my web app, but I think I am missing another option somewhere as current login doesn’t seem to allow that ( password is required for login )

2. I guess I can use the management api ( unless there’s better option ) to create user from my service using just email and the passwordless connection. The issue is how to login this user after that into my express app. Don’t seem to be able to find doc about it anywhere.

Any help with that?

Maybe to rephrase it a bit as it’s too haotic. I am searching for 3 things.

1. Automatically directing people to the fb or gmail registration page ( as opposite to redirect them to register require them to click the button and then go to that page )

2. Enabling passwordless login flow.

3. Registering users with passwordless and automatically logging them in from express js backend.

Hi @maciej,

Let’s take a look:

The login must go through your app, but you can do that in the background and have it appear to direct your user to the social page (after a redirect).

In order to pass a user directly to a social login, you can pass a connection parameter with the request to authorize. For example, you could pass "connection":"facebook" and it would skip the auth0 login prompt and pass the user directly to the facebook login page.

Are you trying to give the option of both passwordless and username/password login?

That’s great. That’s what I was searching. Thank you very much.

About 2 and 3. Yes, kind of that. I don’t mind my universal login to have only password flow for registration ( it needs it for login though ).

I guess I could just use management api to create user, but I am not sure how to log them after registration automatically.

Said that, if passwordless login is not possible in universal login, than I should probably stay away from it either way.

Currently, it’s not possible to have both options (passwordless and username/password) within a single New Universal Login prompt.

Actually, about the first one.

I would just use:

res.oidc.login({
    connection: 'facebook'
});

Actually, that doesn’t seem to work.

I tried passing login({connection:'facebook'}) but not much luck. I think it might be one of authorizationParams, but I don’t see anything in typescript about it’s definition either.

Quickly checking in typescript there’s no ‘connection’ attribute anywhere actually.

Could you please share which SDK you are using? I’ll take a look and see if I can get it working.

express-openid-connect:2.16.0 ( latest )

Weirdly chatGPT told me this same ( so it needs to be right ) and I can see that there is typescript annotation for extra params.

the link that it’s redirected to has those params:

scope=openid%20profile%20email&
response_type=id_token&
redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fcallback&
response_mode=form_post&
screen_hint=consent

I removed client_id and nonce for security.

the code used to generate it in full is

    res.oidc.login({
        authorizationParams: {
            screen_hint: 'consent',
            scope: 'openid profile email',
        },
        connection: 'facebook',
    });

but I got similar results with other mentioned ( as in connection is missing )

EDIT: actually, connection: ‘facebook’ is missing from typescript annotation and it shows as ts error.

You should be able to pass it with authorizationParams. Have you tried that?

Thank you very much!

I am an idiot actually. I tried that before, but it was missing those extra params. And then when I tried it again it didn’t work because of constant loop which was fair as it logged me in without need for any prompt as my user is already registered.

In case anyone will have a problem. This is the script:

    if (req.oidc.isAuthenticated()) {
        let redirect = (req.query.red ?? '/') as string;
        await res.redirect(redirect)
        return;
    }

    await res.oidc.login({
        authorizationParams: {
            screen_hint: 'consent',
            scope: 'openid profile email',
            connection: 'facebook',
        },
    });

Be careful as I didn’t do redirect var sanitisation yet.

You’re awesome! Thanks for posting the script.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.