For our application we’ve substituted the Auth0 lock with a custom login form. Our react application calls our backend api which are calling Auth0
grant_type: 'password' to return to the client a new token.
This works perfectly, but we’re having some problems in implementing the SSO. We also have a salesforce application that uses the Auth0 plugin for integration. The issue here is that because we are not using the lock anymore, the login form on our hosted login page used by salesforce, doesn’t know anything about the current user, therefor is presenting a login form.
What I’m looking for, always if it’s possible, is to pass the current user token to the hosted login page so that it automatically recognise my user.
I have tried different alternatives, I have also tried to call
webAuth.client.userInfo with the token released by
/oauth/token but, after changing to RS256, it still returns 401.