onContinuePostLogin not reached after users/{id}/identities

Hi All,

I’m implementing a process in Auth0 Actions using onExecutePostLogin where I redirect to my custom API and then continue to onContinuePostLogin. Normally, this flow works well, including JWT validation.

However, I’m encountering an issue where the redirection to onContinuePostLogin fails in the following specific scenario:

  • After calling the Auth0 Management API v2’s POST /users/{id}/identities to merge the requesting user’s data into another user’s identities within the API.

From what I’ve observed, when this pattern occurs, the onContinuePostLogin function is never reached, and the Auth0 “Something went wrong” error screen is displayed.

My assumption is that after merging accounts using POST /users/{id}/identities, the original user data is removed from the Users database, causing the state that maintains the session to become invalid.

I’m aware that account merging can also be done within onExecutePostLogin, but due to development requirements, I need to perform account merging via my custom API.

Is there any solution to this issue?

Actions

exports.onExecutePostLogin = async (event, api) => {
  const token = api.redirect.encodeToken({
    secret: event.secrets.MY_SECRET,
    payload: { 
      email: event.user.email,
    },
  });
  // execute POST /users/{id}/identities here
  api.redirect.sendUserTo("my_endpoint", {
    query: { session_token: token },
  });
};
      
exports.onContinuePostLogin = async (event, api) => {
  try {
    const payload = api.redirect.validateToken({
      secret: event.secrets.MY_SECRET,
    });
  } catch (error) {
    api.redirect.sendUserTo("my_error_page");
  }
};

My Rails Server Side

payload = JWT.decode(params[:session_token], ENV['MY_SECRET'], true, { algorithm: 'HS256' }).first

# execute POST /users/{id}/identities here
# if POST /users/{id}/identities is not executed here, redirect_to succeeds
new_token = JWT.encode(
  {
    sub: payload['sub'],
    exp: payload['exp'],
    iat: Time.now.to_i,
    state: params[:state]
  },
  ENV['MY_SECRET'],
  'HS256',
  { typ: 'JWT' }
)

redirect_to "https://#{ENV['AUTH0_DOMAIN']}/continue?state=#{params[:state]}&session_token=#{new_token}", allow_other_host: true, status: 302
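
Added example, not part of the original post and not Auth0's or the jwt gem's own code: the checks that `JWT.decode(..., true, { algorithm: 'HS256' })` stands for on the Rails side before a privileged call such as POST /users/{id}/identities is made, and the shape of the token sent back to /continue, written with only Ruby's standard library. `SECRET`, the user id, the state value and the timestamps are constructed, and the helper names are hypothetical.

```ruby
require 'json'
require 'openssl'

SECRET = 'constructed-demo-secret' # constructed stand-in for MY_SECRET

def b64u(bin)
  [bin].pack('m0').tr('+/', '-_').delete('=')
end

def b64u_json(segment)
  JSON.parse(segment.tr('-_', '+/').unpack1('m'))
end

# Compact HS256 JWT, the same shape JWT.encode(..., 'HS256') produces.
def mint(claims, secret)
  input = "#{b64u(JSON.generate({ alg: 'HS256', typ: 'JWT' }))}.#{b64u(JSON.generate(claims))}"
  "#{input}.#{b64u(OpenSSL::HMAC.digest('SHA256', secret, input))}"
end

# Checks to pass before any privileged call is made on the token's behalf:
# three segments, pinned algorithm, constant-time MAC comparison, unexpired.
def verify(token, secret, now: Time.now.to_i)
  head, body, sig = token.to_s.split('.', -1)
  raise ArgumentError, 'malformed token' unless sig && token.to_s.count('.') == 2
  raise ArgumentError, 'unexpected alg' unless b64u_json(head)['alg'] == 'HS256'
  expected = b64u(OpenSSL::HMAC.digest('SHA256', secret, "#{head}.#{body}"))
  diff = expected.bytesize ^ sig.bytesize
  expected.bytes.zip(sig.bytes) { |a, b| diff |= a ^ (b || 0) }
  raise ArgumentError, 'bad signature' unless diff.zero?
  claims = b64u_json(body)
  raise ArgumentError, 'expired' unless claims['exp'].is_a?(Integer) && claims['exp'] > now
  claims
end

# Token for the /continue redirect: sub and exp copied from the verified
# session token, state taken from the incoming request.
def continue_token(session_claims, state, secret, now: Time.now.to_i)
  mint({ sub: session_claims['sub'], exp: session_claims['exp'], iat: now, state: state }, secret)
end

# Constructed sample: a session token as the Action side might issue it.
NOW = 1_700_000_000
SESSION = mint({ sub: 'auth0|constructed-user', exp: NOW + 300, email: 'user@example.com' }, SECRET)
```
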