Redirect from Auth0 action to custom domain and pass back data to Auth0

I am trying to implement Redirect with Actions but unfortunately I cannot really figure out how this is supposed to work. I’m also uncertain if my use-case is even applicable.

Use-Case

Users who log in to my application share the same Auth0 organisation and database but are restricted to different app routes. I have currently set up a Post-Login Action which redirects users to a custom “login-route” if they tried to log in from a route they have no access to. The redirect is always the app’s login URI which is part of the Auth0 application settings.

Since the user then has an active login session but no JWT yet, I would like to redirect the user to his appropriate login route but without entering his credentials again.

The Problem

My idea was to implement this via redirects, meaning I somehow send data back to Auth0 and redirect the user again inside the onContinuePostLogin hook. Unfortunately, I have encountered a few problems with this:

  1. It seems that an additional query parameter in api.redirect.sendUserTo(redirect, {query: {test:"test"}}); will cause the state parameter to be affected and sending it back to the /continue endpoint causes a 400 error with the notice that “Something might be wrong with my state parameter”.

  2. I have not yet managed to send data back to Auth0 without getting an error. It seems that I cannot add any query parameter I want. I know that it should work since the docs give the example by submitting a JWT.

Therefore, my questions:

  • Can I only submit JWTs like stated in the docs to get /continue to work?
  • Does it even make sense to redirect again inside onContinuePostLogin?

Current Solution

  • The user logs in from a different login endpoint, which he has no access to, via loginWithRedirect({ authorizationParams: { organization: "some-org-Id" } });
  • I redirect the user from inside the Post-Login Hook to my login endpoint attaching a custom parameter with api.redirect.sendUserTo(redirect, {query: {custom: "some-custom-value"}});.
  • At the endpoint I let the user choose a different login location. An onClick handler redirects the user to the chosen login location.
  • At the login location I call loginWithRedirect({ authorizationParams: { organization: "some-org-Id" } }); which logs the user in to the right login route.

Although this works, it somehow seems a bit hacky and I also see 2 successful logins in the Auth0 logs! Is there a better way of doing this? Would the “Redirect” approach be the appropriate solution?

Thanks! Any help appreciated!
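
The Redirect with Actions round-trip the post asks about, sketched as an added example that is not part of the original post and not Auth0's own code: the Action sends a signed token out, and on /continue accepts only a signed token back and re-checks the choice server-side. Assumed names, none of them from the post: CHOOSER_URL, the REDIRECT_SECRET secret, the allowed_routes app_metadata key, the chosen_route claim and the https://example.com/route claim name.

```javascript
// Added example. In an Auth0 Action, assign these two functions to
// exports.onExecutePostLogin and exports.onContinuePostLogin.
// All names marked "assumed" are hypothetical and not from the post.
const CHOOSER_URL = "https://app.example.com/choose-login"; // assumed

function onExecutePostLogin(event, api) {
  // assumed: permitted routes are stored in app_metadata.allowed_routes
  const allowed = (event.user.app_metadata || {}).allowed_routes || [];
  if (allowed.length <= 1) return; // nothing to choose, finish login normally

  // Signed, short-lived token so the chooser page can trust what it receives.
  const sessionToken = api.redirect.encodeToken({
    secret: event.secrets.REDIRECT_SECRET, // assumed secret name
    expiresInSeconds: 60,
    payload: { allowed_routes: allowed },
  });
  // Auth0 appends its own `state` parameter to this URL. The page must send
  // that exact value back to /continue and must not replace or re-encode it.
  api.redirect.sendUserTo(CHOOSER_URL, { query: { session_token: sessionToken } });
}

function onContinuePostLogin(event, api) {
  let payload;
  try {
    // Validates the signed JWT returned in the `session_token` parameter;
    // throws if validation fails.
    payload = api.redirect.validateToken({
      secret: event.secrets.REDIRECT_SECRET,
      tokenParameterName: "session_token",
    });
  } catch (err) {
    return api.access.deny("Invalid or tampered redirect response");
  }
  const allowed = (event.user.app_metadata || {}).allowed_routes || [];
  // Never trust the returned choice alone: re-check it against server-side data.
  if (!allowed.includes(payload.chosen_route)) { // chosen_route: assumed claim
    return api.access.deny("Route not permitted for this user");
  }
  api.idToken.setCustomClaim("https://example.com/route", payload.chosen_route);
}
```

The application can then route the user from the custom claim in the ID token, so the whole flow is a single login transaction.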