New user help, please

Hi and thanks in advance for any help. I am a new user to Auth0 and I am trying to figure out if the free plan can do what i need it to. I cant seem to find the right info in my searches.

i run a website for a game. i am trying to have my login redirect to auth0. i think i got this part working. then send the user to a page on my site, with their auth info, so i can use that to req one more piece of data the site needs, their player id for the game.

i think i can setup a flow and / or a redirect rule but i cant seem to find exactly what i need.

Any ideas on the steps to do this?

second question, i changed my application’s logo in auth0 but its not reflected on my universal login page. it does show on the Application Properties.

Thanks again

Hi @loucapo,

Welcome to the Auth0 Community!

To better assist you, I have a few clarifying questions.

First, could you please clarify if you want to send the user to your site after they have logged in?

And could you please clarify if there is an API that can query the user’s player ID for the game?

To change the Logo on the New Universal Login page, please navigate to the Auth0 Dashboard > Branding > Universal Login > Customized Options and click on the Widget option and enter your Logo URL. See below:

Let me also add what our documentation constitutes as an Application Logo:

  • Application Logo: The URL of a logo (recommended size: 150x150 pixels) to display for the application. Appears in several areas, including the list of applications in the Dashboard and customized consent forms. If none is set the default badge for this type of application will be shown.

(Ref: Application Settings - Application Logo

I hope that helps clarifies!

I look forward to your reply.

Thanks,
Rueben

1 Like

First, could you please clarify if you want to send the user to your site after they have logged in?

i think i need to, for them to enter their player id manually.

And could you please clarify if there is an API that can query the user’s player ID for the game?

there is no API. a user must enter it manually.

Hi @loucapo,

Thank you for your response and clarification.

For this case, we can specify the redirect_uri in your login request, so that once the authentication completes successfully, the user will redirect to that page.

The flow will be something like the following:

  • User goes to Login page > logs in successfully > redirects to your site to enter their player ID

To do so, you will need to implement the Authorization Code flow with any of our SDKs, and in the request, set your site’s URL as the redirect_uri. Let me also clarify that the redirect_uri value is your Callback URL which is the destination where the user is redirected after a successful login.

See our Redirect Users documentation for more information.

Lastly, I recommend checking out our Auth0 Quickstarts for examples of configuring the Application’s Callback URLs.

Please let me know if you have any further questions.

Thanks,
Rueben

being so new to this, the terminology in those is a bit over my head.

how come you cant just use a flow to route you to a diff page? its sort of working right now but it seems to not keep my auth status. i see it call my server’s url, i can see the user’s info. i use their email to see if they have a record in my db. i redirect them to the page to enter id (this part fails as it ends up at the homepage and the user stuff is blank).

are you able to see my actual settings in auth0?

Hi @loucapo,

Thank you for your reply.

Yes, we can use a Redirect Rule to send the user to another page, but you will have to resume the authentication flow for this to work properly.

If you prefer, you can do this by starting the redirect in a Rule to your web page for the user to enter their player_id, and then resuming authentication back at Auth0 to continue with the rest of the login flow and return the user back to the Callback URL.

https://auth0.com/docs/customize/rules/redirect-users#start-redirect-and-resume-authentication

Yes, most definitely. What would you like me to take a look at?

Thanks,
Rueben

so i switched everything over to https, i setup https locally. i can connect to my page locally. when i hit login, i get the following:

BadRequestError: access_denied (self signed certificate in certificate chain)
at ResponseContext.callback (node_modules/express-openid-connect/lib/context.js:347:15)
at processTicksAndRejections (internal/process/task_queues.js:97:5)

i tried to add this to my app.js, temporarily:
process.env.NODE_TLS_REJECT_UNAUTHORIZED=0;

1 Like

any ideas? i’m getting desperate.

1 Like

Hi @loucapo,

Thank you for your responses.

It took me a while to find the issue, but I finally found it!

The error you are seeing is coming from your postLogin Action script. In your Logs, I found the following error log when I checked the Action details section:

{
  "binding_id": "58b084b2-87a4-4ea9-ac46-f31f7cebaded",
  "version_id": "94cc2905-63ee-4dbf-bd8b-814c4780a96f",
  "action_name": "postLogin",
  "response": {
    "error": {
      "code": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
      "message": "unable to verify the first certificate",
      "name": "Error",
      "stack": "Error: unable to verify the first certificate\n    at Function.AxiosError.from (/data/layers/layers-vMBp/vMBpsnbe9HkFTTKtnriBcWMPY-vdrSq8MfXEhmk8K4E/node_modules/axios/dist/node/axios.cjs:825:14)\n    at RedirectableRequest.handleRequestError (/data/layers/layers-vMBp/vMBpsnbe9HkFTTKtnriBcWMPY-vdrSq8MfXEhmk8K4E/node_modules/axios/dist/node/axios.cjs:2961:25)\n    at RedirectableRequest.emit (node:events:527:28)\n    at RedirectableRequest.emit (node:domain:475:12)\n    at ClientRequest.eventHandlers.<computed> (/data/layers/layers-vMBp/vMBpsnbe9HkFTTKtnriBcWMPY-vdrSq8MfXEhmk8K4E/node_modules/follow-redirects/index.js:14:24)\n    at ClientRequest.emit (node:events:527:28)\n    at ClientRequest.emit (node:domain:475:12)\n    at TLSSocket.socketErrorListener (node:_http_client:454:9)\n    at TLSSocket.emit (node:events:527:28)\n    at TLSSocket.emit (node:domain:475:12)"
    },
    "stats": {
      "total_request_duration_ms": 488,
      "total_runtime_execution_duration_ms": 485,
      "runtime_processing_duration_ms": 5,
      "action_duration_ms": 422,
      "runtime_external_call_duration_ms": 58,
      "boot_duration_ms": 63,
      "network_duration_ms": 3
    }
  },
  "error": {
    "id": "invalid_argument",
    "msg": "Invalid Argument"
  },
  "started_at": "2023-02-08T15:20:52.039552555Z",
  "ended_at": "2023-02-08T15:20:52.528227367Z"
}

It appears that you are passing an invalid argument. After reviewing the Request Config | Axios Docs, I found that you should be passing the user_id like the following:

const axios = require("axios");
exports.onExecutePostLogin = async (event, api) => {
    await axios.get("https://YOUR_URL", { params: { id: event.user.user_id }});
};

Then to test your Action script, I recommend using the built-in debugger depicted by the Play button icon:

Please let me know how this goes.

Thanks,
Rueben

you can pass the full user object? i am trying to use more than just the user id.

1 Like

Hi @loucapo,

Yes, sure, you can pass the whole object if needed.

then i guess i dont understand what i am passing incorrectly.

do you know anything about running https locally so i can get this full flow to work? i think that is where the error i am getting is coming from.

i revamped my settings and stuff. its all working as i needed with localhost. when i try to use a named domain locally, i get the following error:

BadRequestError: checks.state argument is missing

is that because i need to use https? and then i will have the self-signed cert issue again?

Hi @loucapo,

Thank you for your responses.

In my tests, I was able to reproduce the BadRequestError: checks.state argument is missing error only when I went directly to the /authorize endpoint with my own custom state parameter. It seems to work fine when the state is automatically generated by my app when I click on the login button.

After investigating, I found that this error happens because of the reasons described here and I recommend following the workaround provided on the page.

Please let me know how it goes for you.

Thanks,
Rueben

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.