Next-Auth v5 - Microsoft Entra Id issue
Unanswered
Florida White posted this in #help-forum
Florida WhiteOP
Hey, I had a standard implementation of next-auth in my Nextjs 15.5 application. Application is self-hosted on Windows VM but everything works fine. What I spotted is performance degredation on login/logout. I wanted to initially show user Entra login page so I created page called "signin" where I had client side signIn function execution. Like I said it was fine but pretty slow - for example for some time I get this /signin page with just logo, then after some time redirect to Entra and after success I've got again "signin" page and then "/" (root). Same with logout - user clicks logout button and calling signOut function then again /signin and then Entra again. What I wanted to do is to create route.ts which will call signIn and in auth.ts config use signin page as "/api/signin". Locally works perfectly fine but on actual environment I get infinite loop and also url got broken.
Flow is
first resource for example mypage.com/dashboard
/api/signin
/authorize - which is fine
but all of them got 307/302 redirects. Other thing is first two are fine mypage.com/... but authorize should look like https://{tenantId}.ciam.com/{tenantId}/.... instead it looks like https://mypage.com/{tenantId} so somewhere it's losing actual AUTH_URL from .env file. Urls should look like that because I'm using custom flow so it works like Microsoft Entra External Id
Flow is
first resource for example mypage.com/dashboard
/api/signin
/authorize - which is fine
but all of them got 307/302 redirects. Other thing is first two are fine mypage.com/... but authorize should look like https://{tenantId}.ciam.com/{tenantId}/.... instead it looks like https://mypage.com/{tenantId} so somewhere it's losing actual AUTH_URL from .env file. Urls should look like that because I'm using custom flow so it works like Microsoft Entra External Id
5 Replies
Florida WhiteOP
Hey, thanks for answer. Basically it's working (slower of course) but what I wanted to achieve is to to ommit this redirection to signin page(where I'm using client-side signIn function) and strictly move to provider's page. I think that there is unnecessary route - for example I will use mypage.com/dashboard and I'm not signed in then I have it like
mypage.com/dashboard -> delay to redirect -> mypage.com/signin -> delay to redirect -> then I see these csrf, session and finally /authorize (entra's side) and at the end redirect to actual Entra External login page. I was thinking about omitting it to be like mypage.com/dashboard -> delay + csrf, session, /authorize requests -> Entra External login page. Is it achievable? Or what else I can do to have it working faster as sometimes we have delays when going from /signin to Entra External login page around 20-30s on production build and QA environment.
mypage.com/dashboard -> delay to redirect -> mypage.com/signin -> delay to redirect -> then I see these csrf, session and finally /authorize (entra's side) and at the end redirect to actual Entra External login page. I was thinking about omitting it to be like mypage.com/dashboard -> delay + csrf, session, /authorize requests -> Entra External login page. Is it achievable? Or what else I can do to have it working faster as sometimes we have delays when going from /signin to Entra External login page around 20-30s on production build and QA environment.
Florida WhiteOP
So what, there is no way to don't see this default NextAuth's signin page?
btw, envs are fine
Florida WhiteOP
bump!
Florida WhiteOP
bump