Can not reach to authentication

I do run a couple api that required to login through auth0. One of our production api note even go through authentication, qa-site is able to go through but it wouldn’t point right url after that. Both api are running with react.js This started to happen after we migrate to version 11.x.x. Anybody may have some idea?
https://rets.sre.com
https://rets.sreqa.com

:wave: @sredev can you explain a bit more what you mean by “able to go through, but it won’t point right url” what is you are expecting to happen and when/where is this happening? How was it before migrating?

Do you have some code you can share where you are encountering the issues migrating ?

Hello Kim, we were able to login fine before migrating the locks. We were using Auth0 to logon different users to our webpage. We are getting 404 errors etc. We have an older version running for another site https://agent.sre.com/, running version 10.6

We tried with our other two listed from the original post, attempting to run 11.5.2. We tried to revert to the working version as well, 10.6 with no avail.

Please advise as we desperately need your help, waiting to get a response back for our ticket as well. Not sure how much I can explain here on the discussion board without having security issues

Hi @sredev thank you for taking the time to explain. I will go ahead and take a look at the ticket and with that we will get back to you!

Still waiting on someone to get back to us…

Can you share the code you are using that gives you the error? After migrating and when you set the Allowed Web Origins (CORS) in the Auth0 client, what error do you get? You can post the code in the ticket or DM me if you prefer.

Hi Kim,

I’ve posted screencaps of the CORS settings for the tenant and the precise error messages. I’ll dm you with the code, but essentially it occurs when we try to get the user SSO data in getSSOData().

error_messages

Just to update in case anyone else is experiencing a similar issue, the recommendation here is to replace the use of the getSsoData function with checkSession (documentation here:
Lock API Reference). That way the application is using the latest (and recommended) endpoint. (This migration should happen before July as the /ssodata endpoint will be removed - follow details here: Important - Auth0 Public Disclosure).