October 24 Auth0 Community Ask Me Anything: Tailor Your Experience with Universal Login — From Low-Code to Pro-Code

Localizing your custom elements can be done by creating custom text variables for use inside the page template and custom prompt partials. Here is an article that walks through localizing the text of a Terms of Service checkbox inserted using a partial.

2 Likes

We do not have a published public roadmap at this time. We are continuously learning about more scenarios that we can definitely improve upon, and working to deliver a great product.

You can stay up to date on all our improvements on Auth0 Changelog

1 Like

I’m a bit unsure of your scenario, but if a password reset needs to be accomplished on a social identity they will need to update it on that provider (Apple, Google, etc). If the user has a linked database connection user then they can use the built-in forgot password flow. Perhaps for your scenario you could create a database user that is linked to your social identity users? Documentation.

For database users, we do have APIs to send change password requests to email addresses on the management API and Authentication API.

1 Like

Adding custom elements like a GDPR compliant checkbox requires a paid subscription. All paid plans include both custom page templates and the ability to insert custom elements into the signup and login screens.

1 Like

Once you log the user out, I’d suggest redirecting them to a page within your application that lets them know they were logged out instead of immediately redirecting to the login page. Once you redirect to the login page then various timeouts may come into play to ensure proper security. The error you are seeing I suspect is due to the fact that the login transaction has timed out or the state is otherwise invalid.

1 Like

In 2025, we will be releasing a feature that will resolve this issue. Currently Passwordless authentication is a separate connection from our other local connection (Database). We will be merging Passwordless and Database into one connection. This will resolve several known issues around passwordless including this one.

2 Likes

Was wondering how you can add a passwordless selection button to the Universal Login, can this be done by using the Page Template editor from the CLI or somewhere else

1 Like

This is not possible today, but we have various efforts going on to enable more flexibility for Tenant Administrators to allow end-users more flexibility in how they login - password, passkey, sms, email otp.

We hope to have more improvements in this area announced soon, and you can stay up to date on this at Auth0 Changelog.

1 Like

Thank you all for the questions! Michael and I are doing a couple more follow ups on a few questions we’re not able to get answers to today. So, if your question was posted before our AMA and has not received a response we’ll try to get you an update soon.

2 Likes

Thanks Brandon for responding. This is what we settled on and is working for our use case.

2 Likes

Hi

I’d say in this scenario you should first model your different endpoints as a single custom API in Auth0, as your Application will typically need to consume all of them after the user authenticates, therefore the access and refresh token that you get back from the Universal Login flow should allow you to access all your endpoints, without having to do additional interactions. Note you can still be able to assign a different scope per operation - endpoint combination, so you will be able to apply dynamic authorization policies depending of who the user is or other policies, either via roles or dynamic control from post-login Actions.

Once that is set up, from a security perspective, you’ll want to use the Authorization Code Flow with PCKE, given you will be interacting from SPAs and Mobile Apps. Additionally, you’ll want to use rotating refresh tokens as explained in this article.

With regards to .net8, I suggest you read:

2 Likes