Redirecting Users to Different Web Applications After Universal Login

leonardo.lombardi · August 24, 2023, 5:28pm

Hello Auth0 Community,

I have set up a single Auth0 tenant that serves two distinct web applications. These applications are hosted on different domains, let’s say app1.com and app2.com.

I aim to implement a Universal Login flow using a third URL (let’s say app.com). The desired flow is:

User visits app.com.
User is redirected to the Auth0 Universal Login Page.
After authentication, based on certain criteria (either the incoming application or user’s app_metadata), the user is directed to either app1.com or app2.com.
The chosen application (app1.com or app2.com) completes the authentication flow, and the user can then interact with it as an authenticated user.

Currently, using Next.js 13 and Auth0, I’ve been able to achieve the redirection using an Auth0 Action (Step 4). This redirects users to app1.com/api/auth/callback or app2.com/api/auth/callback successfully.

However, I’m having difficulty with the last part of the flow (Step 5). I tried using the “state” query parameter to conclude the authentication process, but I can’t discern what information I need to send/receive to complete the authentication and maintain the user’s authenticated state on app1.com or app2.com.

Could anyone provide insights or guidance on how to successfully finalize this authentication flow?

Thank you in advance!

rueben.tiow · August 25, 2023, 4:22pm

Hi @leonardo.lombardi,

This is a little difficult to do since the login request specifies the ‘redirect_uri’ (Callback URL), meaning that you will need to preemptively know where the user is going to land at the end of the authentication flow.

For example:

https://{yourDomain}/authorize?
    response_type=code&
    client_id={yourClientId}&
    redirect_uri={https://yourApp/callback}&
    scope={scope}&
    audience={apiAudience}&
    state={state}

Given that, you could have the user select whether they want to log in to app1.com or app2.com at the start and have them authenticate that way.

Let me also mention that using Redirect with Actions will redirect the user to your preferred URL. However, to complete the authentication flow, the user must be sent back to the /continue endpoint with the ‘state’ parameter, where they will eventually complete the flow and land on the Callback URL you specified in the ‘redirect_uri’ query parameter in the login request.

See this doc for more information on resuming the authentication flow when redirecting with Actions.

Thanks,
Rueben

system · September 8, 2023, 4:23pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Login From Website With Multiple Domains Using Single Application Help classic-universal-login-experience , login-experience	6	168	July 17, 2024
Redirect back to the original page after Auth0 Universal Login Help	1	1252	October 14, 2022
Login using oauth/toke 2 apps Help apis , application	2	116	June 28, 2024
Create 2 Application Login URIs with SAML SSO? Help sso , application	0	9	July 25, 2024
Is it possible to build a request flow like "user <-> regular webapp <-> middleware service <-> auth0 tenant"? Help	0	1584	March 18, 2022

Redirecting Users to Different Web Applications After Universal Login

Related Topics