I’m using organizations with an SPA. My backend calls the management API Create invitations to an organization
route and generates the URL. I send the invitation email with URL to the email address using my email service. The URL has the correct invitation ticket, and org ID and name query params. In my app, when I detect an invitation ticket in the query, I call loginWithRedirect
with the invitation
and organization
auth params:
const url = window.location.href;
const inviteMatches = url.match(/invitation=([^&]+)/);
const orgMatches = url.match(/organization=([^&]+)/);
if (inviteMatches && orgMatches) {
loginWithRedirect({
authorizationParams: {
organization: orgMatches[1],
invitation: inviteMatches[1],
},
});
}
This navigates the user to the Auth0 “You’ve Been Invited” page, where they are asked to login with email and password. The issue is that, of course, they can’t login! They don’t have a user or password yet!
The documentation implies that a user will be created if it doesn’t exist, but that is not happening.
How is this flow supposed to work?
Thanks,
Dave