Hi and thanks in advance for any help. I am a new user to Auth0 and I am trying to figure out if the free plan can do what i need it to. I cant seem to find the right info in my searches.
i run a website for a game. i am trying to have my login redirect to auth0. i think i got this part working. then send the user to a page on my site, with their auth info, so i can use that to req one more piece of data the site needs, their player id for the game.
i think i can setup a flow and / or a redirect rule but i cant seem to find exactly what i need.
Any ideas on the steps to do this?
second question, i changed my application’s logo in auth0 but its not reflected on my universal login page. it does show on the Application Properties.
Let me also add what our documentation constitutes as an Application Logo:
Application Logo: The URL of a logo (recommended size: 150x150 pixels) to display for the application. Appears in several areas, including the list of applications in the Dashboard and customized consent forms. If none is set the default badge for this type of application will be shown.
For this case, we can specify the redirect_uri in your login request, so that once the authentication completes successfully, the user will redirect to that page.
The flow will be something like the following:
User goes to Login page > logs in successfully > redirects to your site to enter their player ID
To do so, you will need to implement the Authorization Code flow with any of our SDKs, and in the request, set your site’s URL as the redirect_uri. Let me also clarify that the redirect_uri value is your Callback URL which is the destination where the user is redirected after a successful login.
See our Redirect Users documentation for more information.
Lastly, I recommend checking out our Auth0 Quickstarts for examples of configuring the Application’s Callback URLs.
Please let me know if you have any further questions.
being so new to this, the terminology in those is a bit over my head.
how come you cant just use a flow to route you to a diff page? its sort of working right now but it seems to not keep my auth status. i see it call my server’s url, i can see the user’s info. i use their email to see if they have a record in my db. i redirect them to the page to enter id (this part fails as it ends up at the homepage and the user stuff is blank).
Yes, we can use a Redirect Rule to send the user to another page, but you will have to resume the authentication flow for this to work properly.
If you prefer, you can do this by starting the redirect in a Rule to your web page for the user to enter their player_id, and then resuming authentication back at Auth0 to continue with the rest of the login flow and return the user back to the Callback URL.
so i switched everything over to https, i setup https locally. i can connect to my page locally. when i hit login, i get the following:
BadRequestError: access_denied (self signed certificate in certificate chain)
at ResponseContext.callback (node_modules/express-openid-connect/lib/context.js:347:15)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
i tried to add this to my app.js, temporarily:
process.env.NODE_TLS_REJECT_UNAUTHORIZED=0;
It took me a while to find the issue, but I finally found it!
The error you are seeing is coming from your postLogin Action script. In your Logs, I found the following error log when I checked the Action details section:
{
"binding_id": "58b084b2-87a4-4ea9-ac46-f31f7cebaded",
"version_id": "94cc2905-63ee-4dbf-bd8b-814c4780a96f",
"action_name": "postLogin",
"response": {
"error": {
"code": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
"message": "unable to verify the first certificate",
"name": "Error",
"stack": "Error: unable to verify the first certificate\n at Function.AxiosError.from (/data/layers/layers-vMBp/vMBpsnbe9HkFTTKtnriBcWMPY-vdrSq8MfXEhmk8K4E/node_modules/axios/dist/node/axios.cjs:825:14)\n at RedirectableRequest.handleRequestError (/data/layers/layers-vMBp/vMBpsnbe9HkFTTKtnriBcWMPY-vdrSq8MfXEhmk8K4E/node_modules/axios/dist/node/axios.cjs:2961:25)\n at RedirectableRequest.emit (node:events:527:28)\n at RedirectableRequest.emit (node:domain:475:12)\n at ClientRequest.eventHandlers.<computed> (/data/layers/layers-vMBp/vMBpsnbe9HkFTTKtnriBcWMPY-vdrSq8MfXEhmk8K4E/node_modules/follow-redirects/index.js:14:24)\n at ClientRequest.emit (node:events:527:28)\n at ClientRequest.emit (node:domain:475:12)\n at TLSSocket.socketErrorListener (node:_http_client:454:9)\n at TLSSocket.emit (node:events:527:28)\n at TLSSocket.emit (node:domain:475:12)"
},
"stats": {
"total_request_duration_ms": 488,
"total_runtime_execution_duration_ms": 485,
"runtime_processing_duration_ms": 5,
"action_duration_ms": 422,
"runtime_external_call_duration_ms": 58,
"boot_duration_ms": 63,
"network_duration_ms": 3
}
},
"error": {
"id": "invalid_argument",
"msg": "Invalid Argument"
},
"started_at": "2023-02-08T15:20:52.039552555Z",
"ended_at": "2023-02-08T15:20:52.528227367Z"
}
It appears that you are passing an invalid argument. After reviewing the Request Config |Â Axios Docs, I found that you should be passing the user_id like the following:
In my tests, I was able to reproduce the BadRequestError: checks.state argument is missing error only when I went directly to the /authorize endpoint with my own custom state parameter. It seems to work fine when the state is automatically generated by my app when I click on the login button.
After investigating, I found that this error happens because of the reasons described here and I recommend following the workaround provided on the page.