|
32 | 32 | - [Custom routes](#custom-routes) |
33 | 33 | - [Testing helpers](#testing-helpers) |
34 | 34 | - [`generateSessionCookie`](#generatesessioncookie) |
| 35 | +- [Programmatically starting interactive login](#programmatically-starting-interactive-login) |
| 36 | + - [Passing authorization parameters](#passing-authorization-parameters-1) |
| 37 | + - [The `returnTo` parameter](#the-returnto-parameter-1) |
| 38 | + - [Redirecting the user after authentication](#redirecting-the-user-after-authentication-1) |
35 | 39 |
|
36 | 40 | ## Passing authorization parameters |
37 | 41 |
|
@@ -60,14 +64,18 @@ The `returnTo` parameter can be appended to the login to specify where you would |
60 | 64 |
|
61 | 65 | For example: `/auth/login?returnTo=/dashboard` would redirect the user to the `/dashboard` route after they have authenticated. |
62 | 66 |
|
| 67 | +> [!NOTE] |
| 68 | +> The URL specified as `returnTo` parameters must be registered in your client's **Allowed Callback URLs**. |
| 69 | +
|
| 70 | + |
63 | 71 | ### Redirecting the user after logging out |
64 | 72 |
|
65 | 73 | The `returnTo` parameter can be appended to the logout to specify where you would like to redirect the user after they have logged out. |
66 | 74 |
|
67 | 75 | For example: `/auth/login?returnTo=https://example.com/some-page` would redirect the user to the `https://example.com/some-page` URL after they have logged out. |
68 | 76 |
|
69 | 77 | > [!NOTE] |
70 | | -> The URLs specified as `returnTo` parameters must be registered in your client's **Allowed Logout URLs**. |
| 78 | +> The URL specified as `returnTo` parameters must be registered in your client's **Allowed Logout URLs**. |
71 | 79 |
|
72 | 80 | ## Accessing the authenticated user |
73 | 81 |
|
@@ -754,31 +762,66 @@ const sessionCookieValue = await generateSessionCookie( |
754 | 762 | ``` |
755 | 763 |
|
756 | 764 |
|
757 | | -## Programmatic Pushed Authentication Requests (PAR) |
| 765 | +## Programmatically starting interactive login |
758 | 766 |
|
759 | | -The method `startInteractiveLogin` can be called with authorizationParams to initiate an interactive login flow. |
760 | | -The code collects authorization parameters on the server side rather than constructing them directly in the browser. |
| 767 | +Additionally to the ability to initialize the interactive login process by redirecting the user to the built-in `auth/login` endpoint, |
| 768 | +the `startInteractiveLogin` method can also be called programmatically. |
761 | 769 |
|
762 | 770 | ```typescript |
763 | | -// app/api/auth/login/route.ts |
764 | 771 | import { auth0 } from "./lib/auth0"; |
765 | 772 | import { NextRequest } from "next/server"; |
766 | 773 |
|
767 | 774 | export const GET = async (req: NextRequest) => { |
768 | | - // Extract custom parameters from request URL if needed |
769 | | - const searchParams = Object.fromEntries(req.nextUrl.searchParams.entries()); |
| 775 | + return auth0.startInteractiveLogin(); |
| 776 | +}; |
| 777 | +``` |
| 778 | + |
| 779 | +### Passing authorization parameters |
| 780 | + |
| 781 | +There are 2 ways to customize the authorization parameters that will be passed to the `/authorize` endpoint when calling `startInteractiveLogin` programmatically. The first option is through static configuration when instantiating the client, like so: |
| 782 | + |
| 783 | +```ts |
| 784 | +export const auth0 = new Auth0Client({ |
| 785 | + authorizationParameters: { |
| 786 | + scope: "openid profile email", |
| 787 | + audience: "urn:custom:api", |
| 788 | + }, |
| 789 | +}); |
| 790 | +``` |
| 791 | + |
| 792 | +The second option is by configuring `authorizationParams` when calling `startInteractiveLogin`: |
| 793 | + |
| 794 | +```ts |
| 795 | +import { auth0 } from "./lib/auth0"; |
| 796 | +import { NextRequest } from "next/server"; |
770 | 797 |
|
| 798 | +export const GET = async (req: NextRequest) => { |
771 | 799 | // Call startInteractiveLogin with optional parameters |
772 | 800 | return auth0.startInteractiveLogin({ |
773 | | - // a custom returnTo URL can be specified |
774 | | - returnTo: "/dashboard", |
775 | 801 | authorizationParameters: { |
776 | | - prompt: searchParams.prompt, |
777 | | - login_hint: searchParams.login_hint, |
778 | | - // Add any custom auth parameters if required |
779 | | - audience: "custom-audience" |
| 802 | + scope: "openid profile email", |
| 803 | + audience: "urn:custom:api", |
780 | 804 | } |
781 | 805 | }); |
782 | 806 | }; |
| 807 | +``` |
| 808 | + |
| 809 | +## The `returnTo` parameter |
783 | 810 |
|
784 | | -``` |
| 811 | +### Redirecting the user after authentication |
| 812 | + |
| 813 | +When calling `startInteractiveLogin`, the `returnTo` parameter can be configured to specify where you would like to redirect the user to after they have completed their authentication and have returned to your application. |
| 814 | + |
| 815 | +```ts |
| 816 | +import { auth0 } from "./lib/auth0"; |
| 817 | +import { NextRequest } from "next/server"; |
| 818 | + |
| 819 | +export const GET = async (req: NextRequest) => { |
| 820 | + return auth0.startInteractiveLogin({ |
| 821 | + returnTo: '/dashboard', |
| 822 | + }); |
| 823 | +}; |
| 824 | +``` |
| 825 | + |
| 826 | +> [!NOTE] |
| 827 | +> The URLs specified as `returnTo` parameters must be registered in your client's **Allowed Callback URLs**. |
0 commit comments