I am making this since I’ve seen other posts with the same issues but no solutions have been provided and wanted to post my findings.
The problem I’m seeing is that if a user exists in Auth0 but is not a member of an org when it’s required, the application falls into an infinite redirect loop returning the callback url with an error search param but no Auth0 error is sent using the Auth0 hooks:
I have a React SPA that uses React Router with Auth0ProviderWithNavigate and uses the <Auth0Provider /> wrapper for handing my authentications checks and then exporting the root component using withAuthenticationRequired
Is there a better way that I could check for this on the front end?
I think ideally the universal log in from Auth0 should not allow a user to continue without an organization after a successful log in.
Question for the Auth0 team, is there a better way to handle this or a way to limit users from being able to access an application without being an org when it’s required?
This article did not address the issue I am having.
I have my connections set, the problem is that Auth0 Is still treating the user as non authenticated even though they are logging in correctly. The Auth0 SDK I am using in React is treating is return isAuthenticated === false and isError == false so the withAuthenticationRequired Is triggering a call back which checks the authentication which has come back as authenticated because the user is sign-in.
This appears to be a UX issue that needs to be improved