Next-Auth v5 - Microsoft Entra Id issue
Unanswered
Harlequin posted this in #help-forum
HarlequinOP
Hey, I had a standard implementation of next-auth in my Nextjs 15.5 application. Application is self-hosted on Windows VM but everything works fine. What I spotted is performance degredation on login/logout. I wanted to initially show user Entra login page so I created page called "signin" where I had client side signIn function execution. Like I said it was fine but pretty slow - for example for some time I get this /signin page with just logo, then after some time redirect to Entra and after success I've got again "signin" page and then "/" (root). Same with logout - user clicks logout button and calling signOut function then again /signin and then Entra again. What I wanted to do is to create route.ts which will call signIn and in auth.ts config use signin page as "/api/signin". Locally works perfectly fine but on actual environment I get infinite loop and also url got broken.
Flow is
first resource for example mypage.com/dashboard
/api/signin
/authorize - which is fine
but all of them got 307/302 redirects. Other thing is first two are fine mypage.com/... but authorize should look like https://{tenantId}.ciam.com/{tenantId}/.... instead it looks like https://mypage.com/{tenantId} so somewhere it's losing actual AUTH_URL from .env file. Urls should look like that because I'm using custom flow so it works like Microsoft Entra External Id
Flow is
first resource for example mypage.com/dashboard
/api/signin
/authorize - which is fine
but all of them got 307/302 redirects. Other thing is first two are fine mypage.com/... but authorize should look like https://{tenantId}.ciam.com/{tenantId}/.... instead it looks like https://mypage.com/{tenantId} so somewhere it's losing actual AUTH_URL from .env file. Urls should look like that because I'm using custom flow so it works like Microsoft Entra External Id
5 Replies
HarlequinOP
Hey, thanks for answer. Basically it's working (slower of course) but what I wanted to achieve is to to ommit this redirection to signin page(where I'm using client-side signIn function) and strictly move to provider's page. I think that there is unnecessary route - for example I will use mypage.com/dashboard and I'm not signed in then I have it like
mypage.com/dashboard -> delay to redirect -> mypage.com/signin -> delay to redirect -> then I see these csrf, session and finally /authorize (entra's side) and at the end redirect to actual Entra External login page. I was thinking about omitting it to be like mypage.com/dashboard -> delay + csrf, session, /authorize requests -> Entra External login page. Is it achievable? Or what else I can do to have it working faster as sometimes we have delays when going from /signin to Entra External login page around 20-30s on production build and QA environment.
mypage.com/dashboard -> delay to redirect -> mypage.com/signin -> delay to redirect -> then I see these csrf, session and finally /authorize (entra's side) and at the end redirect to actual Entra External login page. I was thinking about omitting it to be like mypage.com/dashboard -> delay + csrf, session, /authorize requests -> Entra External login page. Is it achievable? Or what else I can do to have it working faster as sometimes we have delays when going from /signin to Entra External login page around 20-30s on production build and QA environment.
HarlequinOP
So what, there is no way to don't see this default NextAuth's signin page?
btw, envs are fine
HarlequinOP
bump!
HarlequinOP
bump