Mysterious redirect errors when logging in

Hey all,

I am not sure if this is the right place to ask, but we are a startup that is using Auth0 for authentication, and after some recent changes in the onboarding flow, we are facing some mysterious callback errors that keep showing up from time to time. We get to see a message: “redirect too many times”, as if we are stuck in some kind of an infinite loop. Our users can frequently not log in to do their work. Our developer is struggling with fixing this issue and we are looking for an extra pair of eyes to help us find the bug in the implementation. I have attached the .har file which shows what happens when we try to login. Some addtional info: our web-application runs on flask backend and has vuejs frontend.

thank you in advance

loginredirectissue.har (495.3 KB)

Hi @ngma,

Welcome to the Auth0 Community!

It looks like you are sending your user to /login?next=%2Flogout, which directs your app to log your user out directly after successful login.

You are also sending a state value of {"destination": "/logout"} (I’m assuming you get this from the query param). This isn’t a unique value, and could be used by a malicious party to redirect users to any site after login. You should use one of these strategies to redirect users after login.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.