We use Auth0 to provide SSO for a whole host of applications. During login, we use a bunch of rules to check things like authorization for that particular application.
If one of those checks results in an error, we used to just use something like return callback(new Error('error description')
. However, that redirects back to the application and means we need to add error handling code to every single one of them (some are SaaS, so we can’t).
So, we decided to follow the folks at Mozilla and suggestions here on the community and use a redirect to a custom, self-hosted error page using context.redirect
. However, that means Auth0 doesn’t know there was an error and it doesn’t show up in the logs.
Is there a ‘best of both worlds’ way of dealing with this? So redirect to a custom page on error, but have the failed login show up in the Auth0 logs?