Auth0 Home Blog Docs

Username Length and Hosted Login Page

username-password-co
hosted-login-page
username

#1

On our Auth0 tenant we have username length configured to be 2-25 characters. This works fine when using the Lock on our own custom login page. However, on a hosted login page we are not able to enter more than 15 characters. We get an error stating: Use 1-15 letters, numbers and "_".

How can we enter more than 15 characters for the username on a hosted Auth0 login page?


Update (as follow-up to @jmangelo answer):

The following screenshots show the configuration as well as the error I’m getting with long usernames on the hosted login page. Short usernames work just fine, and non-hosted login pages work just fine.

My guess is your attempt to authenticate through /authorize isn’t a sound reproduction attempt. We have other login pages that use the lock on our own custom web pages, and those do not have this problem. Only the hosted login page.

![alt text][1]
![alt text][2]


#2

I could not reproduce the issue in question; I updated a database connection to have the custom length requirements you mentioned and then proceeded to perform an authentication attempt through /authorize for a client application that had the previously mentioned connection as the only connection enabled. When trying to sign up it would fail only if entered more than 25 characters for username and the validation message would correctly state my custom requirements.

You should ensure that when you’re testing this in the hosted login page Lock is indeed using the expected connection. For example, if you have more than one database connection and you access the hosted login page for an application that uses a database connection with default settings for the username length then the error would be explained.


#3

@jmangelo I do only have 1 database connection in my tenant. See the update to the question for more information.


#4

@jmangelo - are you able to reproduce what I’m seeing if you use a hosted login page (and not an api-based login)?


#5

@brianra missed your previous update; sorry about that. My tests were though the hosted login page (the /authorize call ends up redirecting to HLP). In the screenshot you mentioned the login color is not the default one so it seems you customized the HLP. In my tests I also used a customized HLP, but I used it while referencing the latest version of Lock. You should ensure that your HLP customization is also updated in terms of Lock versions as otherwise some features available only in latest version won’t be available.


#6

@jmangelo I do only have 1 database connection in my tenant. See the update to the question for more information.


#7

Hi @jmangelo - I’m just getting back to this. I did have Lock 10.x in my hosted login page. I just upgraded it to 11.x and I can now use longer usernames, which is great. Thanks!


#8