May 2023 Community News

Welcome back! Thank you to everyone who contributed to our developer forum in the month of May and we wish everyone a happy and productive June! Here’s what happened in Auth0 Community Forum during the past month!

New Blog Articles

Here are the new blog articles or those that received engagement in the month of May.

• Use HashiCorp Terraform to Manage Your Auth0 Configuration - #28 by konrad.sopala
• What's the Right Authorization Model for My Application? - #2 by robertino.calcaterra
• Introducing Auth0 Templates for .NET - #5 by andrea.chiarelli
• Introducing Auth0's Next.js SDK - #19 by rasha
• Modern Full-Stack Development with Nest.js, React, TypeScript, and MongoDB: Part 1 - #31 by maksssssskam2002
• Securing Blazor WebAssembly Apps
• Get Started with iOS Authentication using SwiftUI
• Using Next.js and Auth0 with Supabase
• Salesforce Powers Customer Identity Plus with Auth0
• Developing a Secure API with NestJS
• Build a Beautiful CRUD App with Spring Boot and Angular
• Achieving a Seamless User Experience with Refresh Token Inactivity Lifetimes
• Preparing for Rules and Hooks End of Life
• What’s New in .NET 7 for Authentication and Authorization
• Inside the Minds of Consumers: Understanding Attitudes Towards Modern Identity Technologies
• Support Auth0 in Azure Static Web Apps for Blazor WebAssembly Apps
• Okta Customer Identity Cloud Adds Security Center to Enterprise Plan
• Startup Stories: Catalyst
• Securing Electron Applications with OpenID Connect and OAuth2
• RS256 vs HS256 What’s the difference?
• What is Blazor? A Tutorial on Building Web Apps with Authentication
• Get Started with Jetty, Java, and OAuth
• Send Slack Message After New User Sign Up with Auth0 Actions
• Add Authentication to .NET MAUI Apps with Auth0

New FAQs

• Get details which blocked user tried to login
• Customize New UL for organization
• Delegated Admin page is blank
• Error: “invalid_request (No MFA factors enabled for enrollment)” with MFA fully disabled
• Safari blocks Auth0 auth cookies in iframe
• Failed Sending Notification (fn) log is not showing in the user’s history
• Auth0.is.authenticated cookie - _legacy_auth0.is.authenticated cookie
• Captcha - Pre-login risk assessment
• How can we customize widgets using the Auth0 CLI and the Liquid template language?
• How are we charged on subscription update
• How can I block a device ID?
• How do we add a default role to a new user on first login?
• Block social signups for certain applications with Actions
• Tenant logs show “self signed certificate” events relating to custom database: users unable to login/signup
• Delete root@auth0.com Admin account
• MongoDB Custom Database Connection Error
• Some users have been verified with “@gmai.com” email
• Set an alert for the number of signup user
• Security Scan Tools
• SCIM support at Auth0
• MFA Brute force protection
• Platform infrastructure upgrade for public cloud tenants
• Internal error when using page templates
• How do you access bot detection’s risk assessment in a Rule?
• Error: “Unable to issue redirect for OAuth 2.0 transaction”
• Deprecation of Rules and Hooks. Custom SAML Configuration on Actions
• Deploy CLI fails due to using old node version
• Unexpected scopes added into user token in ROPG flow
• Nextjs and Redirects from www URL to non-www during login
• Knowledge Why does the ‘AssertionConsumerServiceURL’ placeholder in the SAML request template appear ‘blank’ at login?
• Missing auth_time claim on ID token after update password before continue Action
• User Bulk-Export numbers
• We cannot disable “Use Auth0 instead of the IdP to do Single Sign-on” for one of our applications
• Failed to send email with “Authenticated user is not authorized to send mail”
• Users Blocking Feature Not Working As Expected
• Terraform Action Trigger binding based on variable
• Difference between the risk assessment of adaptive MFA and that of bot detection
• Twitter API issues v2 - “InternalOAuthError: Could not authenticate you.”
• Creating a user via the Management API results in a HTTP 400 error
• Downloaded Signing Certificate from the Tenant showing same issuer and issuee
• Error: “Profile did not include an user_id. Make sure your user_id mapping points to the correct property”
• Global rate limit reached during login - Account linking extension in use
• Enrolling multiple factors/authentication methods or changing a user’s MFA
• Difference between the option Security->Monitoring and Monitoring->Streams
• Edit Application settings via API
• Customized 2FA - Resend code by email using guardian JS
• Request Header or Cookie Too Large
• Default values for Suspicious IP Throttling
• How many log streams are allowed?
• Forcing MFA Enrollment for a particular pre-assigned phone number
• Facebook login error: Error Accessing App
• Using Guardian SDK and checking if an enrolment is valid/exists
• Guardian app sends 3 digit code to Android
• Show custom alert in Auth0 Login Page
• Token Refresh with NextJS-Auth0 SDK
• Hiding Social Login buttons in the New Universal Login Experience
• Custom webhook not working with BigQuery
• Gettting Issuer.discover(error) using express-openid-connect
• How to configure Audience parameter for multi-website?
• How can I set my tenant’s environment tag using the deploy CLI?
• Quota utilization dashboard is not accessible
• When Actions are enabled logins fail for particular connection - cannot unmarshal string
• Switch Enterprise Connection subscription to different Tenant
• Updating a secondary account
• Users cannot login due to custom domain failure
• Verify_email: false for Passwordless still sending verification email
• Tenant member role ‘Editor - Specific Apps’ only showing first 100 applications
• Using Proxy with Auth0 ManagementClient
• Encode value for url in change password email template
• What does the action limitation of 4kB for user_metadata and app_metadata per session actually mean?
• Why are wildcard subdomains considered to be insecure?
• Connect_scopes not merged properly with Oauth connection’s pre-configured scopes
• Configure multiple domains with NextJS
• Customizing the error messages shown for Phone Enrollment for New Universal Login
• Log Stream unable to verify the first certificate
• Reorder default MFA factor in the Login
• Mass update user emails in auth0 connection
• setAppMetadata changes in post-login hook not persisted when calling api.access.deny
• Custom domain redirects to base domain
• Check a passwordless login was done via a magic link or via code
• Custom variable lang in password reset page
• Get the First Confirmed Multi-Factor Authentication Enrollment - behaviour when recovery code enrollment is present
• Support for sender constraint mechanisms such as mTLS and DPoP
• Deploy CLI runtime error: invalid memory address or nil pointer dereference
• Slack oauth2 connection unauthorized app
• Cannot set AppMetadata or UserMetaData in Passwordless flow with Pre-registration Action / Hook
• CORS pre-flight issues with /authorize endpoint requests
• Custom font for universal login not working on chrome
• State mismatch after passwordless authentication
• Remove email/password authentication option in Universal Login Form
• Permission to send an SMS has not been enabled for the region indicated by the ‘To’ number”
• DAE & Organizations
• Okta Workforce Entreprise SSO Groups
• Dynamic Client Registration
• Users are not logged out of custom social connection with Office365
• Origin to origin Cloudflare zones for the converged platform
• Safari cannot open the page because too many redirects occurred
• Configure caching with the Auth0-aspnetcore-authentication SDK
• Add a favicon option for New Universal Login
• Change password email template not updating
• Username and last login daily stats
• Sign in with Apple invalid redirect URL
• New Universal Login ToS acceptance
• Cannot read property endsWith of undefined
• Redirect after logout in React SPA
• Suspicious IP throttling rate management API and dashboard disparity
• Migrate from Actions Beta to Final
• Migrating from Hooks to Actions
• Migrating from Rules to Actions
• Audit Request for Change Password email template
• Multiple baseUrls for the same express-openid-connect application
• “The mfa_token provided is invalid” error when calling MFA API including custom domains
• No back to application button after changing password successfully
• Map SAML attributes to user_metadata attributes
• Angular Capacitor JSON exception
• Unable to switch to New Universal Login
• “assertion has expired” error: enforcement of SAML assertion lifetime values
• Activity page does not immediately display the most recent events
• Tenant admins are not receiving notifications concerning Suspicious IP throttling
• Export logs to a third party log aggregation tool such as Exabeam
• Certificate issuer for our Auth0 domain changed
• Change username and password field icons in Lock
• Browser preferred language es-ES does not work with Auth0
• Modify user ID format
• Error:04099079 when using Auth0 as SP and Keycloak as IDP
• Cannot get Guardian SDK to send MFA verification code by voice call
• Context object in Custom Database
• Create SAML enterprise connection from customer provided metadata files
• Captcha placeholder ‘Enter the code shown’ language not dynamic
• Unable to Switch Tenants
• Import Export Extension fails to load
• Deprecations and Migrations
• A0deploy CLI import is not working as expected
• App with Saml connection is redirecting to wrong URL after success login
• Auth0.Core.Exceptions.ApiException - ServiceUnavailable error
• Auth0 Bot Detection Issue
• Auth0 Custom Domain with reverse proxy not working
• Auth0 React SDK loginWithRedirect() function not making token request upon successful login
• Auth0-Splunk Integration
• Biometrics login / WebAuthn browser error
• Add custom scopes to a Refresh Token request
• Callback handler fail 400 Bad request with NextJS
• Use the organization_id to match a user to a specific data set at login time
• Revert nodeJS version back to NodeJs12
• Stream logs to Loki
• Authorization Extension and Organizations
• ADFS sign-in / sign-out fails with Microsoft error ID4037
• Upgrade from an outdated hash algorithm to bcrypt for Custom Database
• Call API From Rule
• Application Creation Details
• Access Raw Json with Management API
• Access ephemeral SAML attributes from a rule or action without writing to user profile
• 500 API error when editing custom social connection
• 404 NOT FOUND error with SPA app
• “External interaction required” error appears during silent authentication
• “Audience is invalid” Error in SAML

New and Hot Feedback Cards

Make sure to advocate, add context and vote for the ones you are interested in!

• Handle www subdomain in "Allowed web origins" - #2 by konrad.sopala
• Support for Redirect in PreUserRegistration - #2 by konrad.sopala
• Ability to provide organization name during Authorization Code Flow - #25 by Maciejaszek
• Allow multiple custom domains for multitenant applications - #51 by thomas.corkran
• Spring Boot 3 + Auth0 Java SDK Compatibility - #16 by nick.n
• Add case-insensitive option for user by email search - #9 by shlomiken
• Allow text "Edit" to be customized and translated in the login-passwordless screen - #2 by konrad.sopala
• Feature: New flow/action "Post Delete User" - #12 by konrad.sopala
• Feature request: Password policy require 4 of 4 requirements - #35 by Emilyq
• Compare tenant settings - #3 by konrad.sopala
• Implement multiple audiences in an access token - #3 by damikun
• Enhance Sendgrid support to be able to select IP pool - #2 by konrad.sopala
• Support/Replace Organization prompt screen with "choose organization" during login - #39 by nathan.jenkins
• Change social login buttons order in new universal login (2023) - #3 by ldibello
• Bulk Export should provide all fields by default - #2 by konrad.sopala
• Feature Request - Ability to force MFA on tenant admins - #2 by konrad.sopala
• Get organization role's users - #12 by vladimir.bulatovic
• Log view in dashboard truncates needlessly
• Bug: Rendering Bugs When Using New Universal Login Templates with Device Flow - #2 by konrad.sopala
• Biometrics Only Instead of Identifier + Biometrics ❗ - #3 by TenXDeveloper
• How can I access custom user properties in my custom action? - #23 by oliver.wang
• Support bypass_list_management param when sending emails via Sendgrid - #5 by octi
• Feature: pre-login Action (for email/password-based login attempts) - #7 by chris.bohn
• API to support Patch in header - #2 by tyf
• Allowing app to be used in iFrames for custom domains - #4 by jimmy.somsanith
• Auth0 SDK for Nuxt 3 - #7 by konrad.sopala
• Terms checkbox for New Universal Login - #45 by laurent.imec
• Trigger the Pre User Registration flow for social and other non-database connection types - #20 by dylanswartz
• Provide Plotly Dash integration/demonstration - #2 by konrad.sopala
• Flag topics that are old and no longer accurate to be removed
• Feature: Allow IDs to have more than one verified email address - #2 by tyf
• Allowed Callback URLs validation is incorrect - #3 by hellein
• Allow bulk importing properties like last_login, last_password_reset, created_at and updated_at timestamps - #3 by avinash.singh1
• OpenID Back-Channel Logout implementation - #12 by mschoenbaechler
• Noticed a typo on organization branding preview - #4
• Implement Device Auth Flow with Organizations - #4 by konrad.sopala
• RFC8693 OAuth 2.0 Token Exchange - #4 by manie
• Token Exchange for Social Providers - #2 by dan.woda
• Enable Default audience per application instead of tenant wise - #5 by DrHariri
• Login indicator on Universal Login UI - #3 by eladbs
• Please show MFA status in the "Go to team > Tenants > View Members" view - #2 by tyf
• Request for New Relic npm package - #2 by tyf
• Please add an optional page before the QR code when enrolling otp mfa
• Email MFA for Universal Login from Rules - #2 by dan.woda
• Feature request: 2FA enforcement policy for auth0 tenant dashboard admins - #2 by dan.woda