Hello!
My app is a backend api (go) + SPA.
We had to implement a custom sign-up process because we wanted additional restrictions on usernames (number of characters, allowed characters). This is done using the management api from our go backend.
Now, I’m trying to have the user automatically logged-in once he successfully created his account.
Ideally, the authentication token would be returned as part of the sign-up api.
What is the right authentication flow to use and auth0 api endpoint?
You can use the resource owner password grant to exchange a user’s email/username and password directly for a token. This grant type is for confidential clients, so the exchange should be implemented on your backend.
The automatic login flow (token exchange) of a newly registered user is discussed in this thread here:
Thanks @dan.woda ! It absolutely answers my question.
However I think I found an other possible solution. Do you think we could use Pre-User Registration Hook to implement username validation ? Pre-User Registration
This way we would get rid of our own registration system and handle this directly from the universal login.
Would that work to you? What is the best solution to you?
Yes, you are correct. You could just use the hook to make a decision about what a valid username is. That would be a much better solution and would save you a lot of time, and give you the advantages of using new universal login (you’ll have to use the new universal login if you want to propagate an error from the hook to the user).