Have you updated your privacy policies and do you need to collect users' consent again? If you need to require custom privacy policies from your users before allowing them access to your application, this tutorial is for you.
This use case requires all your users to agree to a new terms of service form. It consists of a custom form to request acceptance of the new conditions which will be displayed, after logging in, to the users who have not yet accepted it.
A form to display the new terms and conditions, and a legal field to accept them that will be displayed after the users logs in.
This form will be linked to a flow that will check the session token and update the app metadata in Auth0.
First of all, add the policy acceptance action of Arengu to the Auth0 dashboard. For this:
You will be automatically redirected to the Actions Library screen.
As the page notification indicates, the next step is to add the following keys:
Click on Create to complete the configuration.
Add the newly created Arengu progressive profile action to the flow.
Click on Apply to save the Login flow.
Auth0 will process all logins for your tenant using this action. Before activating the integration in production, make sure you have configured all components correctly and verified on a test tenant.
Go to the form editor and add the required field. In this case, we will add a Legal field with our terms and conditions. To set up this field:
Add also two hidden fields by clicking on the eye icon to open their settings:
Click on the ending screen and enable the redirection section
Click on the Flows tab on the light menu, create a flow linked to the first step of the form by clicking on the plus icon and publish the changes.
Go to the flow editor and start building the flow by adding a Verify JSON web token action:
To set it up:
Add an If/then condition action to perform conditional logic if the JWT is valid or not. The settings for this action are these:
Include a Show error message action in the False branch to display it on the form in case the JWT validations fails (eg. wrong settings, expired JWT, altered JWT, etc).
Then add a Sign JSON web token action to the True branch to sign the provided user information.
Set up this action as follows:
Add a Store state variable to store a custom variable that we will reuse in our form. To set up this action:
Then close the True branch of the flow with a Submit the form action that will display our ending screen that redirects the user using the previously generated variable.
Finally, publish the changes.
To check if everything is working properly:
This will open the Auth0 login page where you can test the use case:
Once you have tried it, you can also check if the data has been updated this way:
If you want to try it again, you can manually delete this data and re-launch the test.
If it has not worked properly, you can check the possible errors in Auth0 Dashboard and in the Executions tab of the flow in Arengu’s editor.