I always used the shiny-auth repository to secure my R Shiny Dashboard. This worked brilliantly, until recently. Some updates in the repository (I guess removing the old lock object) made that my users are now redirected to my AUTH0 domain (mycompany.eu.auth0.com/login?client=…), rather than staying on our personal domain (mycompany.com/login).
How can I let my users stay on my domain while trying to login? What caused this change in behavior and is there a good reason for redirecting users to the AUTH0 domain?
We updated the shiny-auth0 as part of our effort to move our SDKs to universal login .
The main advantage is security. Capturing credentials on a single domain reduces the vulnerability to man-in-the-middle attacks compared to cross-origin authentication. Another advantage of universal login is support for SSO. We’re making this available in shiny-auth0 soon.
If you want to keep your users on the same domain, you can use custom domains which we aim to have ready for production usage by end of Q1 this year.