UnauthorizedError in rule still redirects

christian.borresen · April 9, 2021, 10:05am

Hi,

I appreciate any help I can get. I’ve set up auth0 in our login flow and the “happy path” works just fine. However, I’ve also set up a rule that upon login does a call to our API and perform some permission checks. If the user doesn’t have the right permissions, I’m doing return callback(new UnauthorizedError('User unauthorized'));. However, the user is still redirected to the redirectURI, with an error in the url. I would expect the user to not be redirected in the first place and rather get an error message similar to when they attempt to log in with the wrong username/password. Is that possible?

Thank you

stephanie.chamblee · April 9, 2021, 7:08pm

Hi @christian.borresen,

Welcome to the Community!

When an authorization error is thrown, the application must handle the error by using the error description in the URL. Unfortunately, you can’t display the error on the Universal Login page that is thrown in a rule since the rule runs after the user logs in.

Here is a detailed FAQ that explains more: Can I show errors raised in rules in the login page?

system · April 24, 2021, 7:08pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cancel login from within a rule Help rules	2	3654	April 23, 2021
Why custom rule error does not return back to login page Help rules , login , redirect , unauthorizederror	8	6359	March 2, 2018
API responding to a rule Help auth0 , rules , redirect-rules	2	3776	December 26, 2018
Render a custom error page from Rule Help rules , login , error-page	3	5840	April 28, 2021
Can I show errors raised in rules in the login page? Knowledge Articles	1	5953	October 6, 2020

UnauthorizedError in rule still redirects

Related Topics