I am trying to implement Redirect with Actions but unfortunately I can not really figure out how this is supposed to work. I’m also uncertain if my use-case is even applicable.
Use-Case
Users who login into my application share the same Auth0 organisation and database but are restricted to different app routes. I have currently set up a Post-Login Action which redirects users to a custom “login-route” if they tried to login from a route they have no access to. The redirect is always the app’s login URI which is part of the Auth0 application settings.
Since the user then has an active login session but no JWT yet, I would like to redirect the user to his appropriate login route but without entering his credentials again.
The Problem
My idea was to implement this via redirects, meaning I somehow send data back to Auth0 and redirect the user again inside the onContinuePostLogin
hook. Unfortunately, I have encountered a few problems with this:
-
It seems that an additional query parameter in
api.redirect.sendUserTo(redirect, {query: {test:"test"}});
will cause thestate
parameter to be affected and sending it back to the/continue
endpoint causes a 400 error with the notice that “Something might be wrong with my state parameter”. -
I have not yet managed to send data back to Auth0 without getting an error. It seems that I cannot add any query parameter I want. I know that it should work since the docs give the example by submitting a JWT.
Therefore, my questions:
- Can I only submit JWT’s like stated in the docs to get
/continue
work? - Does it even make sense to redirect again inside
onContinuePostLogin
?
Current Solution
- The user logs in from a different login endpoint, where he has no access to via
loginWithRedirect({ authorizationParams: { organization: "some-org-Id" } });
- I redirect the user from inside the Post-Login Hook to my
login
endpoint attaching a custom parameter withapi.redirect.sendUserTo(redirect, {query: {custom: "some-custom-value"}});
. - At the endpoint I let the user choose a different login location. An
onClick
handler redirects the user to the chosen login location. - At the login location I call
loginWithRedirect({ authorizationParams: { organization: "some-org-Id" } });
which logs in the user into the right login route.
Although this works, it somehow seems a bit hacky and I also see 2 successful logins in the Auth0 logs! Is there a better way of doing this? Would the “Redirect” approach the appropriate solution?
Thanks! Any help appreciated!