Migrating from v7 to V8 using username-password AND redirecting to /callback with passport

We are currently using Auth0.js v9 Reference (which is marked as outdated) so we are attempting to upgrade to V8.

Currently our login process involves the user logging in via the browser with username and password authentication like so:

	var auth0 = new Auth0({
		domain:       'SOME DOMAIN',
		clientID:     'SOME ID',
		callbackURL:  'ourwebsite.com/callback',
		callbackOnLocationHash: false
var loginOpts = {
			connection: 'MY_DB',
			username: $('#username').val().toLowerCase(),
			password: $('#password').val()

When this login completes auth0 redirects the user to our /callback endpoint which is an express server using the auth0 passport strategy: GitHub - auth0/passport-auth0: Auth0 authentication strategy for Passport.js.

However in V8 the only login process that allows username and password authentication WITH redirection is webAuth.redirect.loginWithCredentials() which is marked as deprecated.

webAuth.client.login() successfully logs the user-in but does not redirect to our endpoint, instead it calls a callback method containing the user object inside a JWT token. webAuth.client.login() also passes back an accessToken in the callback; I have tried to manually redirect the user to /callback?code={accessTokenFromCallback} but I receive an error from passport that the token is invalid.

What would be my best option going forward keeping in mind that the most ideal solution from my perspective would be to not have to change the /callback endpoint which uses passport.


I am in the same boat. Finally switching to Auth0.js v8, but running to same issue as above. I want to redirect to the redirect_uri (which is whitelisted) but it does not redirect to that. How can I make sure its redirecting to uri sent part of redirect_uri.