I currently have a web application that is secured with Auth0 via a Regular Web Application. The Auth0 Application uses a standard credentialed Universal Login form for user authentication, with a Database Connection.
For user registrations, I have a custom signup form written in C# that uses the .NET Auth0 SDK. It creates a new Auth0 user in the Database Connection via the Management API.
I’m trying to add the ability for the custom signup form to redirect the user to my secured web application after a successful signup, and have them pre-logged in. Right now, when they complete the signup form, they are sent to the web application, but they have to re-enter their credentials on the Auth0 Login page to proceed (Bad user experience, since they just entered this 5 seconds ago).
So far, I’ve looked at alternative methods of authentication supported by Auth0.
- Passwordless Authentication - Requires user to receive email or text and take additional actions to login, more cumbersome than them just logging in, in this use case
- Single Sign-On - Not applicable, still requires user to login once, only useful when navigating to different applications once already logged in
- Silent Authentication - Not applicable, still requires user to login once, only useful after initial login
- Resource Owner Password Grant (Authentication API) - Tried looking into taking the username and password and calling an API endpoint to authenticate the user, once the user is created. The Authentication API service that does this only generates an access_token to be used for secured API calls, I have not found a way to use this token to authenticate access to a Standard Web Application.
- Signup API - I found references to using the Signup service (/dbconnections/signup) in the Authentication API to register users, instead of the Create User service that I currently use in the Management API. I haven’t found information in the documentation around being able to redirect the user to the web application in a logged in state using the Signup service, so this seemed like a dead end (I could have missed something).
- Rules - Tried looking into creating an Auth0 rule to accomplish this, but couldn’t find a way
- Login Form Defaults - Similar to above
I found a few previous posts on this that never seemed to get answered:
There were some other semi-related posts like this one, as well, that didn’t seem to end with a meaningful solution:
Appreciate the help with this. I’m open to changing around how my signup/login flow works if needed, but after a few hours without much headway, I’m a little stuck on whether there are any options available at all. Overall, love everything Auth0 provides since implementing a few months ago.