It would be after the user completes their onboarding. When they submit, the user should be redirected to /continue so that they can be fully authenticated.
I would like to redirect users AFTER authentication. Do I actually need to do that within a rule, or within the Auth0ProviderWithHistory component mentioned here:
The context object in the code snippet above is within a rule (Context Object Properties in Rules). The rule determines whether the user needs to do onboarding and adds a custom claim to the ID Token. Your app can read this custom claim in the user object to see if they need to be redirected.
You could instead store this in appState if you have a dedicated sign up button, but if a user were to click login, and then switch to “sign up” from within the Universal Login, then your app will have no way to know that the user is new.
Ok. So the rule I create adds a new attribute to the user object, say “http://my-app-uri/requiresOnboarding”. Now where should I put the redirection logic, e.g. history.push(“/:locale/onboarding”)?
Here are the options have found for redirecting after signup (summarizing ones we’ve already discussed):
Progressive profiling using rules - This is the recommended approach, but it does require your app to redirect the user back to your Auth0 tenant to complete the authentication flow. The user would log in, fill out their onboarding, and then be redirected to the https://YOU_AUTH00_DOMAIN/continue endpoint along with the state query param.
Example rule:
function (user, context, callback) {
var loginCount = context.stats && context.stats.loginsCount ? context.stats.loginsCount : 0;
var url = "http://localhost:3000/en/onboarding";
if (context.protocol !== "redirect-callback" && loginCount <= 1) {
context.redirect = { url };
}
return callback(null, user, context);
}
Redirecting using appState - This would be the easiest to implement, but it would mean that you would need to prevent users from logging in from the Universal Login. If they click “Sign up”, then they would need to be a new user signing up, and they could not select the “Already have an account? Login” option. This can be configured, but it is probably not ideal.
Custom component wrapper - You can use a rule to inform your app if it is the first time the user has logged in, and then write a component wrapper to use on your protected routes. I tested this out using the example app from the blog you mentioned:
Based on the blog post example, I still don’t know where I put the https://my_auth0_domain/continue redirection. In the redirectUri prop of the Auth0Provider?
Like you said, not ideal…
I get that it would redirect any user to my onboarding flow but only when he would attempt to access a protected route, so not necessarily after signup, right? Do I need, on top of that, to change my redirectUri then?
(In a couple of my previous messages, I accidentally put /complete when I meant /continue . Sorry for any confusion that may have caused! I am going to edit those for future readers)
The redirect to https://my_auth0_domain/continue would take place after the user completes their onboarding. For instance, if you have an onboarding form with a submit button, the submit handler would need to redirect the user like so:
const urlParams = new URLSearchParams(window.location.search);
const state = urlParams.get('state');
window.location.href = `https://my_auth0_domain/continue?state=${state}`
Auth0 will then redirect the user back to the original redirectUri in your Auth0Provider, as if it is a normal login.
Yes, makes sense!
Yes, that is a good point! You’d likely need to wrap all routes in the custom wrapper instead of the protected routes only. Again, I think option one might be the best solution since you would not have to add a great deal of this logic in your own app.
Before even considering to redirect users to https://my_auth0_domain/continue at the END of onboarding, the app is stuck after signup BEFORE onboarding starts when I activate the rule (as I explained in my first message). Could you please use the blog post I mentioned to explain what adaptations I should make to my React app?
Besides, I stumbled upon Auth0 Actions, would it be interesting to use this instead (and how)?
function (user, context, callback) {
var loginCount = context.stats && context.stats.loginsCount ? context.stats.loginsCount : 0;
var url = "http://localhost:4040/onboarding";
if (context.protocol !== "redirect-callback" && loginCount <= 1) {
context.redirect = { url };
}
return callback(null, user, context);
}
Regarding Actions, this feature is in beta, and you can read the documentation here: Auth0 Actions. There is not a public general release date yet, but I’d estimated it to be within this quarter.
In the current beta version of actions, you would redirect users like this: