Universal Login how does it work

Researching the Universal login, watched all the videos, setup a quick start app but I am not understanding how to implement it into our existing applications. If we have multiple applications in Auth0 with their own web origins, callback urls and logout urls but they all look at the same database connection in Auth0. How can I setup one universal login page that will allow a user to login to one of the applications and seemless switch over to the other without having to login again? Is the universal login something that the applications will be “redirected” to at the login page? How does it work?

Yes, essentially when someone clicks on “Log In” in X app, you should be redirected to Universal Login. When you redirect, you also pass the Client ID of the Application the user is authenticating to (see the auth0 JS libraries). When the user is redirected, if they’re not logged in they will be shown a form to log in. Based on the Client ID, that is where they will be redirected after a successful login. If they are logged in, they will just be sent back to the callback URL.

I hope this helps.


Maybe i am misunderstanding what the universal login is, my thinking is you have multiple applications that once you login to one you can seamlessly go to the others since they use the same database connection.

That’s correct. It does work that way. You just need to redirect to Universal Login. If the user is already logged into App X through Universal Login, and then switches to App Y and presses log in they will be taken to Universal Login and then immediately sent back to App Y’s callback with an access token.

Does this help?

Will it use the same credentials from App X in the callback to App Y?

Yes, it will. From the user’s perspective it is seamless.

Alright i think this is my last clarification question on the subject, i really appreciate the insight. When you say “redirect” are you saying that if someone goes to app.x.com/login it should redirect to whatever the universal login url is? How does that work with callbacks urls with different applications using the same universal login?

Each “Application” (in auth0’s tenant panel) has its own callback URL. When you redirect (in the literal sense, using something complex like a router or as simple as window.location = '...') to Universal Login you will pass the Client ID of the respective Application. Auth0 is able to get the proper callback URL from the Client ID. Universal Login will not load if you don’t pass a Client ID, as then it has no idea where to send the user after they finish entering their credentials. When the user enters the correct credentials, Universal Login will send the user to whichever callback URL is defined for the respective Client ID (Application) along with the access token information in the URL. The auth0 JavaScript libraries take care of a bulk of the minutia here.

To answer your question, yes: when you go to the /login route of the respective application simply redirect to your Universal Login URL.

Also, no worries. Ask as many questions as you need.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.