Hello there!
There are a few other topics on these forums relating to this topic, but none of them specifically use Next.js, and I wasn’t able to easily replicate what those others are asking.
When users log in to our application, they are presented with the ability to create an organization.
Under the hood, we do the following on our backend:
- Create the org
- Add the currently authenticated user to that organization
- Enable various connections in that organization so when the user re-auths under the org, they can continue to actually log in.
Now, the problematic part is how we can re-authenticate the user under the organization such that the org_id appears in their JWT token.
I tried creating a serverless function that checks the user’s organizations and redirects them to the login page with the organization parameter set. However, after inspecting the JWT token, they still don’t have the org information in the token.
Example of the redirect function:
```javascript
import { withApiAuthRequired } from '@auth0/nextjs-auth0';

export default withApiAuthRequired(async function (req, res) {
  const orgId = "<redacted>";
  return res.redirect(`/api/auth/login?organization=${orgId}`);
});
```
If I can get this to work, ideally this would suffice for the initial org creation, as well as subsequent visits to our page, as we would hit this call and automatically redirect them through the org login flow, properly setting their access token.
In an ideal world, the user never actually has to see the organization-specific login page. That is more of an implementation detail and the user should only ever have to log in a single time (through our general login page).
Any help is appreciated, and happy to clarify anything that is unclear.
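
An added example, not part of the original post and not Auth0's own code: a login handler that validates the `organization` query parameter against the user's memberships and passes it explicitly to the SDK through `authorizationParams`, plus a helper that reads `org_id` from a token to decide whether a re-auth is needed. It assumes the SDK's `handleLogin(req, res, options)` accepts `authorizationParams` (injected here so the block runs offline); `getUserOrgIds` and the `org_` id pattern are hypothetical.

```javascript
// Assumed shape of an Auth0 organization id; adjust if your tenant differs.
const ORG_ID = /^org_[A-Za-z0-9]+$/;

// Read org_id from a JWT payload. No signature check is done here: use this
// only on tokens the SDK has already validated and stored in the session.
function orgIdFromToken(jwt) {
  const payload = String(jwt).split('.')[1] || '';
  try {
    const claims = JSON.parse(Buffer.from(payload, 'base64').toString('utf8'));
    return typeof claims.org_id === 'string' ? claims.org_id : null;
  } catch {
    return null; // malformed token: treat as "no organization"
  }
}

// handleLogin: the SDK's login handler (injected).
// getUserOrgIds: hypothetical lookup of the organizations the caller belongs to.
function makeOrgLogin({ handleLogin, getUserOrgIds }) {
  return async function login(req, res) {
    const requested = req.query.organization;
    const options = {};
    // Only forward an organization that is well-formed AND one the user is a
    // member of; otherwise fall back to the general login.
    if (typeof requested === 'string' && ORG_ID.test(requested)) {
      const allowed = await getUserOrgIds(req);
      if (allowed.includes(requested)) {
        options.authorizationParams = { organization: requested };
      }
    }
    return handleLogin(req, res, options);
  };
}
```

In the auth route, the returned function would be registered as the `login` handler in place of the default one. After the callback, the backend should still compare `org_id` in the token with the organization it expected.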