I’ve followed these instructions:
This works - however, when the user logs into Auth0 the first time (ie. when the Auth0 user doesn’t yet exist and it federates from B2C) - the user gets a consent popup…
How do I get rid of this? We want to silently migrate users over from B2C to Auth0 - this isn’t an ongoing federated identity - where one would expect a consent popup.
Hi there @danclarke-smve ,
Thanks for the context 
To help get rid of the unwanted consent screen, I have 2 questions first for you:
is_first_party.Thanks for your reply.
Yes, I’ve just tried making the management API call against my frontend application client id, and it says is_first_party is set to true.
Yes, I think so. In the login script, I’m doing the same as in the article I linked to - ie… openid {{YOUR_B2C_APP_CLIENT_ID}} offline_access profile. However, I’ve just trying removing ‘profile’ from that list of scopes - and it still does the consent prompt saying profile access is being requested.
Thank you very much for confirming @danclarke-smve
With the client application marked as first-party (like yours), user consent is skipped by default when requesting user profile data.
When the client application runs on a local machine during development (like currently your Ec…ev client application), this user consent cannot be skipped because localhost is unverifiable and thus untrusted (so Auth0 treats it as a third party anyway).
If you would like to read more on that - here is a link to the doc.
The problem shouldn’t occur once the application is deployed.
Do you have any follow-up questions on that?
Ah perfect! That’s great news! So nothing to do then
Thank you very much for your help with this 
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.