What Happens when the Prompt Parameter is Not Sent to /authorize

Last Updated: Dec 16, 2024

Overview

This article details how the “prompt” parameter affects authentication.

The possible values for the prompt are:

  1. prompt=none
  2. promp=login
  3. No prompt parameter sent

Applies To

  • Authentication
  • “prompt” parameter

Solution

The prompt parameter is one of the optional parameters that can be sent with the authorize call from the applications.

Using prompt=none, if there is not a valid session, Auth0 returns an error message, E.g.; error_description=Login required or a different one depending on the use case. If there is a valid Auth0 session, the user gets a code or token.​​​​

In the no-prompt case, the user is redirected to the login page if there is not a valid session. If there is a valid session, the user is redirected to the application callback URL with the code or token, depending on the authentication flow.

When prompt=login is used with the /authorize endpoint, the user is forced to log in irrespective of whether a valid Auth0 session exists or not for the user.