Redirect to Auth0 login page after password reset

dariusz · September 21, 2023, 9:23am

Hi,
I’m working on a login flow. I’m using the Classic Universal Login page.
I have custom HTML for login/register and forgotten password. The password recovery (after clicking reset in the email) uses the standard Auth0 template (unchanged).
In my app, I have a “Login” button that triggers “loginWithRedirect” from auth0-react.

Next, the flow: After clicking Login I’m redirected to Auth0 login page. When I click “Reset password” and enter my email, then click “Reset”, I receive an email from Auth0. I click to reset the password and am presented with the Auth0 window with fields to reset the password. After clicking, a success message appears indicating the password was reset.

And this is where I have a problem. I now want to redirect to the login page.
I know that there is a “Redirect to” field in the email templates. But what should I add there to redirect to the login page that is the Auth0 page?

julien.nanquette · September 21, 2023, 3:30pm

Hi,

I may be wrong, but according to Customize Email Templates (auth0.com), I thin you can set the value to :“application.callback_domain”. If your app has the correct allowed callback url set, this should do what you intend to.

Hope this helps.

dariusz · September 21, 2023, 5:12pm

And it will redirect me to my website like https://my-domain (as I have it in allowed callbacks urls).
But I want to redirect user to https://dev-my-auth-0-id.us.auth0.com/login?state(...) - this auth0 login page. Can i do it?

julien.nanquette · September 22, 2023, 7:40am

Further in the same documentation, I read that
"Because the application name is encoded for security, you should always use an encoded value (especially if your application name contains a character that changes once encoded). For example, you’ll want to use My%20App instead of My App.

For single-page applications (SPAs), the Redirect To URL may contain the hash and route for a particular state/view in the app, followed by route parameters"
Have you tried it ? There is a troubleshooting part just after, in case I doesn’t work.

dariusz · September 22, 2023, 8:28am

The issue with the link to the auth0 login page (when I add it to Redirect To) is that auth0 generates a new state query parameter every time I trigger “loginWithRedirect” in my local application. Consequently, the link looks different every time. When I add this link - for example:

https://dev-my-id.us.auth0.com/login?state={generated-value}&client={client-id}&protocol=oauth2&scope=openid%20profile%20email&redirect_uri={host}&response_type=code&response_mode=query&nonce={other-generated-value}&auth0Client={query-param}

it doesn’t work properly. It redirects me to the auth0 login page, but I can’t log in (an error is thrown - probably because of dynamic state query).
So, my question is: Is there a way to redirect directly to the auth0 hosted login page instead of my app?