June 2023 Community News

Welcome back! Thank you to everyone who contributed to our developer forum in the month of June and we wish everyone a happy and productive July! Here’s what happened in Auth0 Community Forum during the past month!

New Community Series

Have you heard about a new project we’re launching? Here’s more on that front!

• We’re introducing Community Member Spotlight Series!

New and Engaging Announcements

• Join Auth0’s Research Program
• Auth0 Community Response Videos
• Auth0-flutter SDK First Availability!
• Rules and Hooks nearing End of Life

New Blog Articles

Here are the new blog articles published in the month of June. Let us know your questions and thoughts by sharing comments in blog discussion topics!

• Taking Action During Women’s History Month: Elevating Women in Engineering
• Startup Stories: Recidiviz
• Using Redirect with Actions to Gather User Info and Increase Conversions
• Building Beautiful Login Pages with Auth0
• The Not-So-Easy Art of Logging Out
• Get started with Spring Boot and Auth0
• Permit or Deny Login Requests Using Auth0 Actions
• Add Progressive Profiling to Auth0 Authentication in Android Apps Built with Jetpack Compose

New FAQs

Looking for useful knowledge? We got you covered! Make sure to browse through the FAQs we posted last month!

• Passwordless issue with Organizations and New UL
• Kotlin android exception FLAG_ACTIVITY_NEW_TASK
• Connection problems to MySQL database after upgrading NodeJs runtime to 16
• Can multiple user share the same session ID?
• Send roles as part of SAML assertion when Auth0 is the IdP
• We keep getting the error “rejecting request of a tenant under quarantine” when trying to authenticate
• MFA Once Per Session Action
• Mitigate SMS Pumping Attacks
• How can I get or generate an access token for testing?
• How can I get an access token of a user with external IdP (SSO) for testing?
• Your concerns about Auth0’s business viability
• Srrt log doesn’t show client_name
• Can we use UUIDv5 with Actions?
• Implement Refresh Tokens in ASP.NET (OWIN) MVC application
• MFA Country List freezes
• How to use Token Expiration For Browser Flows (Seconds) field in API
• Obtain how many users exist per tenant (total number)
• Error in example code (httpInterceptor configuraiton)
• Change the email provider to custom in private config (RTA) Tenant
• Organization E-Mail Invitation Renders Incorrectly in Outlook for Windows
• Microsoft Azure AD Connection. Migration from Azure AD API to Microsoft Graph API
• Sanctioned Country Traffic Blocked by Auth0
• Customizing the Change Password page (/u/reset-password) language
• Passwordless login not triggered using New Universal Login with Identifier First Profile
• Migrate users from one connection to another connection
• Inconsistency around the rotating refresh tokens
• Importing users with pbkdf2 algorithm hashed passwords
• How to differentiate rate limit errors (global vs others)
• Log stream > Custom Webhook Error: Could not reach endpoint
• How to send an additional attributes using Auth0 Kotlin SDK
• Is it possible for our Production tenant endpoint to be updated to support secure renegotiation?
• How do I remove the gravatar image for a specific user?
• Have a username and password non-SSO “break glass” account with the same email address for SSO
• Difference in log streaming information
• Change language of password reset custom page in Classic experience
• Why am I seeing allow_magiclink _verify_without_session:true when exporting configs?
• Post Password Change - email template - redirect doesn’t work
• Login page not appearing
• Is it possible to enable the /delegation endpoint for a new tenant?
• Error: DB Custom script (Login): user_id is invalid
• How can we customise the location of our preferred favicon?
• Passwordless magic link error: “The link must be opened on the same device…”
• “Action Required for “my-saml-link” connection: Signing certificate will expire in 29 days”
• Login behaves in unexpected way when using browser incognito mode
• Just getting started with Auth0: what is the optimum tenant configuration for scalability and reliability
• JsonWebTokenError: error in secret or public key callback: socket hang up - jwks-rsa
• How to check time synchronization status of Auth0 server
• Refresh token for M2M applications
• Migrate users from one connection to another connection (step by step solution)
• Passwordless issue with Organizations and New UL
• Refresh token for M2M applications
• Self-signed certificate in AD/LDAP Connector is expiring/expired
• SSO broken with passwordless and database connection enabled
• The schema definition for logs appears to be inaccurate
• Mandrill-based email ‘Syntax Error’ codes
• How to check time synchronization status of Auth0 server
• Twitter Login Via Universal Login Page not working
• Why does Brute Force Protection sometimes permit login when the account has been blocked?
• User_ID listed as ‘SUB’
• Facebook failed login with Permissions error
• Inactive users over 30 days
• Generate QR code for OTP enrollment
• Admin who performed user’s MFA reset
• Outlook quarantining emails triggered by Auth0
• Importing password hash made by PHP fails
• Upgrade Auth0-deploy-cli version to address security vulnerabilities
• SAML SSO using Auth0 as service and identity provider login fails due to IdP initiated login
• SAML 2.0 Addon Error
• Forced reauthentication and routing the user automatically to the IdP with HRD
• Workflow for email and phone number
• Removing email address obfuscation for email-based MFA
• Security center for public cloud
• Social login fails after account linking
• Splunk log stream endpoint services/collector
• Verification email error message
• What is callback_url_template property?
• SMTP emails not sent after migrating to Layer0
• I would like to see the list of the tenants under an account
• Authorization Extension reached the memory maximum (500Kb)

New and Hot Feedback Cards

Make sure to advocate, add context and vote for the ones you are interested in!

• Actions should support filters - #2 by konrad.sopala
• Noticed a typo on organization branding preview - #6
• How can I access custom user properties in my custom action? - #24 by nicb
• Add fantasy theme to Auth0 dashboard login - #3 by m-c
• Add a Password Strength Meter - #4 by konrad.sopala
• Post User Registration actions run after passwordless user login - #7 by uderline
• Provide Plotly Dash integration/demonstration - #4 by konrad.sopala
• Change the social sign-in buttons order - Apple requires their sign in button to be on top - #8 by konrad.sopala
• Block compromised credentials on password reset / recovery flow - #2 by konrad.sopala
• Terms checkbox for New Universal Login - #47 by damikun
• Release notifications about universal login markup changes - #3 by mieradi
• Custom forgot password form + Add redirect_uri to change-password flow - #3 by brian.takita
• Include organization invitation status in API - #2 by konrad.sopala
• Feature: pre-login Action (for email/password-based login attempts) - #8 by dan.woda
• Share custom actions across tenants - #2 by tyf
• In case of already linked account login, Auth0 just send the primary user info but not actual account info - #2 by konrad.sopala
• Access organization on pre or post user registration flow from an action - #3 by osaucedab
• Implement Breached Password Detection support for Management API create user
• Allow for account linking with actions
• Being able to customize the Enterprise Connection Authorization Success page
• Verify e-mail before user registration (pre-user registration)
• Allow access to request headers in Auth0 Actions
• Feedback about docs page called Send Email Invitations for Application Signup - #6 by Eric75
• Provide example/SDK for server side authentication with Auth0 for Sveltekit - #3 by igillis
• Auth0 SDK for Nuxt 3 - #10 by colton
• Include the details of executed actions in Log Streams - #6 by parani.kumar
• Support multiple client secret for better client secret rotation and usage - #23
• Add rate limiting and cache for m2m token authentication endpoints - #36 by konrad.sopala
• Feature request: Password policy require 4 of 4 requirements - #36 by konrad.sopala
• Actions overtaking rules and hooks - #2 by dan.woda
• Unsecure settings in blazor while following tutrial - #5 by dan.woda
• Control Invitation flow with prompt and screen_hint parameters - #4 by ipulj
• List what authorization flows a particular SDK supports
• Create user verified trigger - #7 by dan.woda
• Get organization role's users - #15 by rafael-kennedy-IM
• Support for organizations hierarchy
• Support passwordless connections in organization invitations
• Get the client id in the custom database script - #7 by richard.sanigar
• Support/Replace Organization prompt screen with "choose organization" during login - #49 by nathan.jenkins
• Please make "submit this form" editable - #8 by konrad.sopala
• Feature request: Add Google Cloud PubSub support for Log Streams - #12 by konrad.sopala
• Allow multiple custom domains for multitenant applications - #59 by vaclav.stummer
• Allow New Universal Login / Passwordless login to show an error message if the provided email is unknown
• AssetLinks: delegate_permission/common.get_login_creds
• Send an MFA enrollment invitation email through API
• The Log event for the API Operation “Create an Organization” is incomplete
• Allow users to opt-in to MFA