Two Tenants, both set up the same. Universal Login but one includes link back to app and one doesn't.

I have two tenants (a dev and production tenant). The development tenant correctly shows the “back to application” button when I provide the user with a password reset URL. However, the production tenant does not show the button and I cannot for the life of me figure out why the difference.

I am generating the ticket internally in my app and emailing it directly to the customer.

Applications in both tenants have correct LOGIN URL configured in the application.

In both tenants, if I use the internal reset password link on the universal login screen and allow Auth0 to send the email, the password link does appear.

Why would it work with one tenant and not the other?

Hi @jr219

Welcome back to the Auth0 Community!

You might have not set the default login route for the tenant/application on the production tenant.

Besides the cURL command to configure it, you can also set it from the dashboard under Settings → Advanced → Tenant Login URI.

If you have any other questions, let me know!

Kind Regards,
Nik

I don’t have the default application configured for either the development or the production tenant, but it is configured at the SPA application level.

Adding it to the tenant level on the production tenant seems to resolve the issue but I’d like to know why.

I do notice that the options on the production/development tenants are different.

The production has these options:

The development tenant has these options:

Hi again,

Are both applications the same type?

The production snippet seems to be similar to a SPA application, whereas the development snippet would show a Regular Web App.

Kind Regards,
Nik

Yes, both say “Single Page Applications” for the type.

Got it.

I believe that is because on the development tenant you have used the Default App created by the dashboard, which will include the API and Credentials tabs even if the application is set to a SPA. The one on the production environment I believe is a newly created SPA application, which would explain why it lacks the specific tabs.

Kind Regards,
Nik

Thanks! Any idea why the lack of a login URL on the tenant would prevent the back to app button from appearing? Does it have something to do with the ticket creation?

No problem!

Just to be sure, I have tried submitting a password change ticket using the Management API while I had:

  • both the tenant level Default Login Route and Application Login URI configured
  • Only application login URI configured
  • Only tenant level Default Login Route configured

In all of the scenarios the redirect button to the application was present.

This would be the cURL command executed with the relevant data:

curl -L 'https://{{AUTH0_DOMAIN}}/api/v2/tickets/password-change' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {{API_TOKEN}}' \
-d '{"user_id":"auth0|{{USER_ID}}","client_id":"{{CLIENT_ID}}","ttl_sec":0,"mark_email_as_verified":false,"includeEmailInRedirect":true}'

Otherwise, as far as I know, there should not be any other settings which would prevent the button from appearing.

Kind Regards,
Nik
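
To compare the two login-URI settings discussed in this thread across a dev and a production tenant, the following sketch reads them from the Management API and reports where they differ. It is an added example, not code from the thread or from Auth0; it assumes the tenant-level Login URI is the `default_redirection_uri` field of `GET /api/v2/tenants/settings` and the Application Login URI is the `initiate_login_uri` field of `GET /api/v2/clients/{id}`, and the sample responses and `example.com` hosts are constructed.

```python
import json
import urllib.request
from urllib.parse import urlsplit

def fetch(domain, token, path):
    """GET a Management API resource, e.g. 'tenants/settings' or 'clients/<id>'.
    The token needs the read:tenant_settings and read:clients scopes."""
    req = urllib.request.Request(
        f"https://{domain}/api/v2/{path}",
        headers={"Authorization": f"Bearer {token}", "Accept": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def login_uri_state(tenant_settings, client):
    """Reduce both API responses to the settings the thread discusses."""
    return {
        "tenant_login_uri": tenant_settings.get("default_redirection_uri") or None,
        "app_login_uri": client.get("initiate_login_uri") or None,
        "app_type": client.get("app_type"),
    }

def drift(dev, prod):
    """List differences between two login_uri_state() results.
    Hosts are expected to differ between environments, so only the
    set/unset state and the URI scheme are compared."""
    findings = []
    for key in ("tenant_login_uri", "app_login_uri"):
        d, p = dev[key], prod[key]
        if bool(d) != bool(p):
            findings.append(f"{key}: dev={'set' if d else 'unset'}, "
                            f"prod={'set' if p else 'unset'}")
        elif d and urlsplit(d).scheme != urlsplit(p).scheme:
            findings.append(f"{key}: scheme differs "
                            f"({urlsplit(d).scheme} vs {urlsplit(p).scheme})")
    if dev["app_type"] != prod["app_type"]:
        findings.append(f"app_type: dev={dev['app_type']}, prod={prod['app_type']}")
    return findings

# Constructed sample responses (not taken from the thread's tenants).
DEV_TENANT = {"friendly_name": "dev"}
DEV_CLIENT = {"app_type": "spa", "initiate_login_uri": "https://dev.example.com/login"}
PROD_TENANT = {"default_redirection_uri": "https://app.example.com/login"}
PROD_CLIENT = {"app_type": "spa", "initiate_login_uri": "https://app.example.com/login"}

if __name__ == "__main__":
    for line in drift(login_uri_state(DEV_TENANT, DEV_CLIENT),
                      login_uri_state(PROD_TENANT, PROD_CLIENT)):
        print(line)
```

Against live tenants, pass the results of `fetch(domain, token, "tenants/settings")` and `fetch(domain, token, "clients/" + client_id)` to `login_uri_state` in place of the sample dictionaries.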