Login Screen Scope Decline Flow

Hello,
Recently i have updated to auth0 4.4 , I’m using the Universal Login Process
I have noticed with the newer versions, we no longer need the /auth/[…auth0]/route.ts

so now its just the /lib/auth0 file

i had a question if the user tries to login , they see the scope how the app will use their data, and click decline

the app crashes

“An error occurred during the authorization flow.”

Where do i handle this logic / would it be inside the /lib/auth0?

Thanks for any help in advance.

Hi @jsdev305

Welcome to the Auth0 Community!

As mentioned in our documentation, you will need to set the prompt=consent parameter when calling the /authorize endpoint in order to be prompted again.

If you have any other questions, let me know!

Kind Regards,
Nik

Hello Nik, thank you for the fast response,

but it looks like it did not trigger the login flow.

maybe I’m missing something else?

I see.

Could you let me know what SDK are you using? From what I understand, it is the NextJS SDK?

Is the user not redirected at all to the login or does nothing happen when they decline the prompts specifically?

Kind Regards,
Nik

yes I’m using the auth sdk

@auth0/nextjs-auth0”: “^4.4.2”,

when the user clicks on decline
i get redirected to a black screen

The text : An error occured during the authorization flow.

do i need to add something to allowed uri with this prompt consent ?

No, you would not need to change anything regarding Allowed URIs.

By simply adding the parameter when calling the /authorize endpoint of the Authorization API. This is mentioned here.

Otherwise, you can take a look at the code samples provided in the following community posts regarding the same issue:

Let me know if these are helpful or not!

Kind Regards,
Nik

So for example , in the root layout of my nextjs

i have this


export default async function RootLayout({
  children,
}: {
  children: React.ReactNode;
}) {
  const session = await auth0.getSession();

  if (!session?.user) {
    console.log("Not authenticated");
    // Redirect to the login page if the user is not authenticated
    redirect("/auth/login?prompt=consent");
  }

is this usually enough to get the reprompt for the login if user clicks on decline while viewing the app’s scope requirements ?

i dont see any other examples with the current version.
Thanks for the help by the way.

Hey Nik,
I think i resolved this issue,

hope it helps

export async function middleware(request: NextRequest) {
  const { pathname, searchParams } = request.nextUrl;

  // Intercept only the /auth/callback path
  if (pathname === "/auth/callback") {
    const error = searchParams.get("error");

    /* case for if the user clicks on decline button
    during the app's scope request
    if access_denied, redirect to login
    */
    if (error === "access_denied") {
      // Redirect user to login again with prompt=consent
      const redirectUrl = new URL("/auth/login", request.url);
      redirectUrl.searchParams.set("prompt", "consent");
      return NextResponse.redirect(redirectUrl);
    }
  }

  // Proceed with Auth0 middleware if not intercepted
  return await auth0.middleware(request);
}

this is one of the possible solutions

what do you think ?

Hi!

Usually, the redirect to the login route if the user does not have a session
( redirect("/auth/login?prompt=consent"); ) should resolve the issue since you passed in the parameter. If that did not fix the issue, the code you have added appears to be a suitable workaround since it accomplishes the same thing.

If I can help with anything else, let me know!

Kind Regards,
Nik

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.