I have the same issue with Api.access.deny causes redirect loop and I’m using the accepted solution which is to use the api.redirect.sendUserTo('https://{auth0_tenant}.eu.auth0.com/v2/logout?returnTo=https%3A%2F%2Fexample.com') .
However, following the OP’s example whereby users without the private role will be denied at login, I need to be able to pass a message (e.g. Access Denied due to no private role to the Sign-In page - and then be able to render it in code in the Classic Login Experience.
I’m looking for ideas how to achieve this.
Thanks