Unexpected TFA Page on App Reopen (Need to Redirect to Login Page)

Get Help
,
1

Description:

Hello Auth0 Support Team,

I’m currently integrating Auth0 login flows into our mobile app (React Native), and we’re facing an issue with the behaviour after the user partially completes authentication.

:backhand_index_pointing_right: We are using Auth0 Universal Login for both login and signup flows.

Issue Summary:
When a user logs in with their credentials and is redirected to the TFA (Two-Factor Authentication) verification screen, if they close the app at that point and reopen it, they are automatically shown the TFA verification page again — bypassing the login screen entirely.

This also occurs when the user taps the “Sign Up” option; instead of showing the signup form, it incorrectly navigates to the TFA screen.

Expected Behaviour:

  • When the app is reopened, the user should be shown the Login page, not the TFA screen, unless a valid authenticated session is still active.
  • The Sign Up flow should not be affected by any previous TFA state and should correctly display the registration form.

Current Behaviour:

  • The TFA page is persistently displayed on app reopen or when selecting “Sign Up,” even though no valid session is resumed.
  • It seems like some state is cached or retained incorrectly, possibly due to an incomplete authentication flow.

Steps to Reproduce:

  1. Open the app and login with valid credentials.
  2. On the TFA screen, close the app without completing verification.
  3. Reopen the app — it directly navigates to TFA screen.
  4. Tap on Sign Up — it still shows the TFA screen instead of the registration form.

Please let us know if there are any session management practices, cleanup steps, or recommended SDK changes we should implement.

Thanks,

2

@exchanga welcome to the Auth0 Community. One of our certified Auth0 Community experts will chime in to assist you from here. Glad you’re here. Hang tight!

4

Hi @exchanga,

The current behavior that you’re experiencing is the default one, where your login credentials are being validated, and the session gets saved at that point. If this is not your desired behavior, you can call the clearSession() method before you call authorize(). This will clear the session cookie and force the Universal Login page to start fresh instead of proceeding to the MFA page.

Here’s how you can implement this for both login and signup:

import { useAuth0 } from 'react-native-auth0';

// ... inside your component

const { authorize, clearSession } = useAuth0();

const handleLogin = async () => {
  try {
    // 1. Clear any existing web session before starting a new login.
    await clearSession();
    // 2. Now, authorize the user. They will see the login page.
    await authorize();
  } catch (e) {
    console.log('Login error:', e);
  }
};

const handleSignUp = async () => {
  try {
    // 1. Clear any existing web session to prevent resuming the TFA flow.
    await clearSession();
    // 2. Authorize with a screen_hint to show the signup form directly.
    await authorize({ screen_hint: 'signup' });
  } catch (e) {
    console.log('Signup error:', e);
  }
};

If you have any other questions, feel free to reach out.

Have a good one,
Vlad

5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.