Handling login page URLs containing request parameters

Note: This topic applies to channels such as Web Client and Facebook.

Third-party systems that use Auth0 for authentication will have a login page URL that contains request parameters. This topic explains which parameters are supported by Converse and what the expected values should be.

Here is an example of a login page URL for an Auth0 server:
https://designerui.converse.pitneybowes.com/?response_type=code&
      client_id=123456789abcdefgh&state={sessionId}&
      redirect_uri=https%3A%2F%2Fmycompany.com%2Fauthorize%2Fredirect

The request parameters are as follows:

Parameter Value Description
response_type code Converse only supports the code grant type. It therefore expects that the response will include an authorization code. This parameter is always:

response_type=code

client_id Auth0 client ID The ID configured in your Auth0 implementation.

For example: client_id=123456789abcdefgh

state {sessionId} The session ID set by Converse and used to identify the session. This is returned to Converse as part of the redirect_uri. This parameter is always:

state={sessionId}

redirect_uri Redirect URL in encoded format The redirect URL is:

https://<your hostname>/authorize/redirect

It needs to be in an encoded format. For example: redirect_uri=https%3A%2F%2Fmycompany.com%2Fauthorize%2Fredirect

See also Session details.