Auth0 Home Blog Docs

Universal login and hash-based routing in angularjs app



I have an angularjs app which uses auth0.js v6. I would like to migrate to use universal login. My app uses hash-based routing.

The quickstart guide for angularjs states

This example assumes you are using path-based routing by setting $locationProvider.html5Mode(true). If you are using hash-based routing, you will not be able to specify a dedicated callback route. The URL hash will be used to hold the user’s authentication information.

The documentation (as far as I can tell) doesn’t explicitly say that universal login is not possible if hash-based routing is used.

Could someone please clarify if there is a way to use universal login in an angularjs app which uses hash-based routing?

The same question was asked for angular2 but no answer was forthcoming.



You can use hash based routing but to do so requires you to specify the callback URL as the root of your application (e.g., /) as the hash fragment that specifies the path will be removed by Auth0, i.e., https://your-domain/#/callback will become https://your-domain/.

Please keep in mind that we strongly recommend against hash based routing and you should use path based routing instead if possible.

RFC3986 defines the expected order of a URL as scheme|authority|path|query|fragment. SPA frameworks like Angular that use hash based routing violate this standard and expect scheme|authority|path|fragment|query instead.

Hash based routing can also introduce problems with Auth0.js when you use the implicit flow as the resulting access token returned is contained within the hash fragment.