UnauthorizedError in rule still redirects

christian.borresen · April 9, 2021, 10:05am

Hi,

I appreciate any help I can get. I’ve set up auth0 in our login flow and the “happy path” works just fine. However, I’ve also set up a rule that upon login does a call to our API and perform some permission checks. If the user doesn’t have the right permissions, I’m doing return callback(new UnauthorizedError('User unauthorized'));. However, the user is still redirected to the redirectURI, with an error in the url. I would expect the user to not be redirected in the first place and rather get an error message similar to when they attempt to log in with the wrong username/password. Is that possible?

Thank you

stephanie.chamblee · April 9, 2021, 7:08pm

Hi @christian.borresen,

Welcome to the Community!

When an authorization error is thrown, the application must handle the error by using the error description in the URL. Unfortunately, you can’t display the error on the Universal Login page that is thrown in a rule since the rule runs after the user logs in.

Here is a detailed FAQ that explains more: Can I show errors raised in rules in the login page?

system · April 24, 2021, 7:08pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cancel login from within a rule Help rules	2	3658	April 23, 2021
Why custom rule error does not return back to login page Help rules , login , redirect , unauthorizederror	8	6360	March 2, 2018
API responding to a rule Help auth0 , rules , redirect-rules	2	3776	December 26, 2018
Rules: redirect on error, still have it show up in logs Help rules , login	4	4977	July 7, 2019
How to handle error messages from Rules Help rules	2	3739	August 28, 2019

UnauthorizedError in rule still redirects

Related topics