We have configured a single page in our application to handle the redirects for the following Auth0 scenarios:
- New account created, requires email verification
- New account confirmed
- Forgot password, successfully confirmed new password
Each of those scenarios directs the user to our SSO handler page, which will conditionally display different messaging depending on the URL variable Auth0 sends along in the URL. However, we’re seeing something unexpected. Here are the URL variables that are coming through:
1. New account created, requires email verification
-
emailverification=false
-
useremail=###
-
client=###
-
state=###
2. New account confirmed
-
supportSignUp=true
-
supportForgotPassword=true
-
email=###
-
message=###
-
success=true
3. Forgot password, successfully confirmed new password
-
email=###
-
success=true
-
message=###
Why does the “Forgot password” confirmation URL not include the variable ‘supportForgotPassword=true’ but the New Account Confirmation URL does include that variable?