I’m trying to add a custom Action to the post-Login flow. The flow itself is PKCE-based and therefore requires the
code value generated in the auth flow to be included in the final redirect back to our application from Auth0.
The Action I’ve written uses the
sendUserTo redirect so that they go to our server in order to store some metadata before going back to Auth0 to complete the auth flow. However, the
code parameter is stripped from the URL and therefore the auth flow fails when the user lands back in our app.
Just to be clear, the standard auth flow works, and passes both the required
code params through to our app.
I found this older post, which describes exactly the same problem but that got closed without any explanation for how to ensure the
code parameter was dropped after calling
sendUserTo: Redirect with `code` on onExecutePostLogin