Optimize login flow

shafty023 · October 24, 2024, 6:10pm

Hi there, we have an application being built off of auth0 for authentication. The application uses React-Native to build web/android/ios. Let me explain the current flow.

Universal Login
Google/Apple
Email/Password

User enters an email/password, hits create account and must check their email to verify their email address. Upon tapping the button they are presented with a page that mentions they’re verified and need to log back in. So they have to open the original tab again, tap login, and re-type their email/password to log in. How can we optimize this using auth0? Ideally, after verifying their email I’d want them redirected back to our website (I’ve seen the redirect_url) but I don’t want them having to re-authenticate again. I’d like for them to be redirected back to our app and silently be authenticated. I see there’s options such as magic link (appears deprecated as it only works with classic login) and email code (OTP) but that requires manually entering a code. How can we make this more seamless in a not deprecated manner using Universal Login? Thank you so much.

rueben.tiow · October 24, 2024, 7:36pm

Hi @shafty023,

Welcome to the Auth0 Community!

You can set the redirect URL for your verification email by configuring the Redirect To setting in the email template.

To make these changes, go to your Dashboard > Branding > Email Templates > Verification Email (using Link.

Thanks,
Rueben

shafty023 · October 24, 2024, 8:03pm

Hi there @rueben.tiow thanks for the reply. I’m aware of the redirect url but that would just take the user back to the login screen and not automatically log them in. What I’m hoping is to optimize the login flow so after e-mail verification they can immediately be logged in. This would require some kind of token being passed along to our app that we could present to auth0 to auth the user. As mentioned in my post, magic links seem deprecated and OTP codes require manual input back on our site. Thoughts?

rueben.tiow · October 25, 2024, 6:27pm

Hi @shafty023,

You could include the prompt=none query parameter in your login URL to automatically log the user in if they already have a valid session. Otherwise, they will be prompted to log in again. This approach uses the verification email using magic link.

For example, the Redirect To URL could look something like the following:

https://{yourDomain}/authorize?
    response_type=code&
    client_id={yourClientId}&
    redirect_uri={https://yourApp/callback}&
    scope={scope}&
    audience={apiAudience}&
    state={state}&
    prompt=none

Thanks,
Rueben

Topic		Replies	Views
Skip asking for password shortly after successful login - how? Help classic-universal-login-experience , login-experience	1	1274	March 30, 2023
Email verification as part of new universal login sign up process Feedback new-universal-login	7	5679	June 11, 2024
Auto Login - After Password Reset OR Email Verification Help login , reset-password , automatically	10	9429	November 2, 2019
Require Email Verification Before Signing In Help login-experience , new-universal-login-experience	1	1040	December 30, 2023
Auth flow using auth0-react and custom signup/login page Help auth0-react , sdks-quickstarts	3	80	August 1, 2024

Optimize login flow

Related Topics