I appreciate any help I can get. I’ve set up auth0 in our login flow and the “happy path” works just fine. However, I’ve also set up a rule that upon login does a call to our API and perform some permission checks. If the user doesn’t have the right permissions, I’m doing
return callback(new UnauthorizedError('User unauthorized'));. However, the user is still redirected to the redirectURI, with an error in the url. I would expect the user to not be redirected in the first place and rather get an error message similar to when they attempt to log in with the wrong username/password. Is that possible?