Universal Login, Showing error messages returned from rules

I am using the Universal Login page with a custom domain and I have a rule that whitelists email domains.
When the rule rejects a login attempt I am redirected to my callback url with the error appended as parameters:
.xyz Domain Names | Join Generation XYZ&error_description=Access%20denied.&state=

I then redirect to my login page (with the params):
.xyz Domain Names | Join Generation XYZ&error_description=Access%20denied.&state=

which executes the Auth0 login (using the PHP API):
$auth0 = new Auth0([ //stuff removed for brevity 'scope' => 'openid profile email user_metadata app_metadata', 'persist_id_token' => true, 'persist_access_token' => true, 'persist_refresh_token' => true, ]); $auth0->getUser()

At this point the params are lost and not displayed in my custom hosted login page.
How can I get the login page to automatically process the returned errors ? - or is there a way I can forwards the params and display them using lock.show e.g
lock.show({ flashMessage: { type: 'error', text: error_description_param_here } });

duh! Didn’t preview.
Here is the correctly formatted original post:

I am using the Universal Login page with a custom domain and I have a rule that whitelists email domains.
When the rule rejects a login attempt I am redirected to my callback url with the error appended as parameters:
blahblahblah.com/Home?error=unauthorized&error_description=Access%20denied.&state=...

I then redirect to my login page (with the params):
blahblahblah.com/Login?error=unauthorized&error_description=Access%20denied.&state=...

which executes the Auth0 login (using the PHP API):

$auth0 = new Auth0([ 
//stuff removed for brevity 
'scope' => 'openid profile email user_metadata app_metadata', 
'persist_id_token' => true, 
'persist_access_token' => true, 
'persist_refresh_token' => true, ]); 
$auth0->getUser()

At this point the params are lost and not displayed in my custom hosted login page.
How can I get the login page to automatically process the returned errors ? - or is there a way I can forwards the params and display them using lock.show e.g

lock.show({ flashMessage: { type: 'error', text: error_description_param_here } });

Hi @auth02 … let me make sure I understand what you’re trying to do here. You want the Rule to process the login, accept or reject, then show whatever error you rejected with on the Universal Login page?

Probably the easiest way to do this is to handle it right in your application on an error page or your callback. So when this URL is loaded:

blahblahblah.com/Home?error=unauthorized&error_description=Access%20denied.&state=...

… you look for the error param and do your output there. If the action is to log in again, then have a link pointing to blahblahblah.com/Login to try again. Then you don’t need those parameters to survive multiple redirects. That will also catch any other errors that might happen on the ULP. Here’s an example of that I just put together for some upcoming documentation about this:

Hi Josh

Thanks for responding.

I was hoping there was a way to display the errors within the ULP for consistency as is suggested in the docs

If you are returning custom error codes from a rule or a custom database script, you can also add the error messages in the dictionary:

But the PHP library doesn’t seem to handle passing these parameters back to the ULP.

Happy to help!

The method you’re using, Auth0\SDK\Auth0->login() does not take into account parameters, you’re correct. But you can build the link yourself and include those parameters if you want. The method is here:

… and an example of how that method is used is here:

In your error handling, you can build out the authorize link if those error params are present.