Redirect To {{ application.callback_domain }} for email verification is not working, its empty

Hello, there was a thread but was not finished with a solution Redirect To for classic login doesn't work

For my case, user is created by management api too (please check the last comment of nicolas_sabena[Auth0 Employee]). If it doesn’t work for the user which is created by management api, what to do to make it work?

Hi @humayun.ahmed and thanks for contacting Auth0 Community!

The post you linked to was pretty long, so apologies if I missed some details about this issue.

Just to confirm, did you provide a fallback url as described in Nico’s comment and it’s still not working?
{{application.callback_domain | default: "https://default-domain.com"}}/after_password_change

Let me know if the above configuration doesn’t work for you, if so please send me your tenant in a DM so I can have a closer look at your tenant.

Best Regards,
Colin

Yah I have also tested this, as my user is created by management api, so application.callback_domain is always empty and its always redirecting to the default url which seem logical according to the expression. But if it always redirect to default then what is the necessity to use application.callback_domain. Again the same user is using from different application as SSO concept, its not possible to put default url as every application have different redirect url.

This is completely wrong architecture design by the Auth0 architect. When a user using Auth0 login flow from an application, obviously request is using dedicated client credential. So Auth0 know which client, so instead of taking the url from that application specific allowed url which is configured in Auth0, why its picking url from user’s associate application?

User shouldn’t be relate to any application when it’s creating because you never know from which application you gonna use that user.

Might be useful for other developers here,
I’m creating a user via the Universal Login feature,
but sending the email verification email using management API, using auth0 - npm

You can pass the Client ID of the Single Page Application (not the Machine to Machine Application) to tell Auth0 the context, so that {{application.callback_domain}} is set.
I mean in concrete,

const auth0Client = new auth0.ManagementClient({
  domain: `${config.auth0Account}.auth0.com`,
  clientId: config.auth0ClientId, // Machine to Machine Client ID
  clientSecret: config.auth0ClientSecret,
  scope: 'read:users update:users',
});
const userId = 'auth0|.........'
auth0Client.sendEmailVerification({
  user_id: userId,
  client_id: '....', // Single Page Application Client ID
})

I have to say this API is very weird… but anyway this is how it behaves now

1 Like

Thanks for sharing that with the rest of community!