Solidarity
Sign In / Sign Up
Help
Browse the topics and open the guidance you need.
Topics

Public and Auth Pages

This topic covers the public pages and the authentication and recovery pages that are available before you sign in or are used during login, logout, and error recovery.

Privacy Policy

The Privacy Policy page explains what information Solidarity collects, why it's used, and what other members may be able to see. This page is public and can be accessed from the footer of the website and before activating access.

Terms and Conditions

The Terms and Conditions page outlines the rules for using Solidarity, including membership, hour balances, and platform limitations. This page is public and can be accessed from the footer of the website and before activating access.

Contact Us

The Contact page allows you to send a message to the support team. If you are signed in, your name and email will be pre-filled. You will need to select a subject and write your message.

Anonymous visitor submissions run an automatic CAPTCHA check. Signed-in users can submit the contact form without CAPTCHA.

After you submit the form, Solidarity sends the contact-message email to support. The current flow does not send a separate confirmation email back to the person who submitted the contact form.

Session Expired

The Session Expired page appears when your session could not be restored. It provides options to sign in again or log out.

Not Found

The "Not Found" page is displayed when you try to access a page that does not exist. It provides a link to return to the homepage.

Error

The "Error" page is shown when an unexpected error occurs. It provides a general error message and a link to return to the homepage.

Shows the custom 404 "Not Found" error page.

Link to the Page

/NotFound

Conditions to Display

  • This page is public and is allowed for unauthorized and authenticated people.
  • The layout and "home" link adapt based on the user's authentication status and current onboarding stage.

From Where It Is Accessed

  • Triggered by the application's routing and not-found handling middleware when a requested URL does not match any page.

Information and Actions

  • Provides a link to go back to the previous page and a "home" link.
  • For anonymous users, the home link points to the main landing page.
  • For authenticated users, the home link points to their correct stage-specific landing page, such as Phone Edit, Profile Edit, Payment, or the main Dashboard.

Error

Page Name

Error

Purpose of the Page

Shows a generic application error state and provides recovery guidance.

Link to the Page

/Error

Conditions to Display

  • This page is public and is allowed for unauthorized and authenticated people.
  • The page can receive an optional message and source in the query string to provide more context. If source is "ciam", it indicates an identity-related error.

From Where It Is Accessed

  • The global exception handling middleware redirects here for unhandled application errors.
  • Can be triggered by explicit redirects from specific error-handling flows.

Information and Actions

  • In a development environment, it displays the full exception details. In production, it shows a generic error message.
  • For identity-related failures (CIAM errors), the page provides specific sign-in recovery help.
  • The recovery links (e.g., "home" or "logout") are adapted based on the user's authentication status and onboarding stage.

Login

Page Name

Login

Purpose of the Page

Triggers the OIDC (OpenID Connect) sign-in challenge to the external identity provider.

Link to the Page

/Account/Login?returnUrl=...&force=true

Conditions to Display

  • This page is public.
  • The returnUrl parameter is optional and is normalized to a safe, local path.
  • If the user is already authenticated, the page redirects to the returnUrl unless the force parameter is set to true.

From Where It Is Accessed

  • Main navigation menus.
  • Redirects from middleware when an unauthenticated user tries to access a protected page.
  • Recovery pages like Session Expired and Error.

Information and Actions

  • Before challenging, the page can clear any existing local authentication cookies, especially if force is used.
  • It initiates the external sign-in challenge with a prompt=login parameter, forcing the identity provider to require fresh credentials instead of using a pre-existing single sign-on session.

Logout

Page Name

Logout

Purpose of the Page

Signs the user out of the application, clearing both local and remote sessions.

Link to the Page

/Account/Logout

Conditions to Display

  • This page is public but primarily intended for authenticated users.

From Where It Is Accessed

  • Main navigation menus and recovery pages.

Information and Actions

  • For an authenticated user, the page performs a full cleanup:
  • 1. Removes the user's data from the Redis cache.
  • 2. Clears the current session's bootstrap state.
  • 3. Signs out the local session cookie.
  • 4. Signs out from the remote OIDC identity provider.

Debug Auth Lab

Page Name

Debug Auth Lab

Purpose of the Page

Development-only page for reproducing local-cookie and API-token auth failure paths after a page has loaded.

Link to the Page

/debug/auth-lab

Conditions to Display

  • This is a developer page, not a normal member page.
  • The documented route supports optional scenario, outcome, and detail query values.

From Where It Is Accessed

  • Developer/manual testing only.

Information Given

  • Supports investigation of local authentication failure behavior.

Auth Problems

Page Name

Auth Problems

Purpose of the Page

Debug page for simulating authentication failure scenarios and inspecting unauthorized API behavior.

Link to the Page

/debug/auth-problems

Conditions to Display

  • This is a developer/manual-testing page, not a normal member page.

From Where It Is Accessed

  • Developer/manual testing only.

Information Given

  • Supports manual investigation of auth-failure scenarios such as clearing cookies or clearing access tokens before calling a protected API endpoint.