The two users mentioned are in two different physical locations and on different network / machine setup all together, and are not linked to each other in any way
Im checking what Antivirus they have on their machines (if any)
The logs should be recent enough, as they keep trying to login in an attempt to get through
As mentioned I had deleted their accounts and got them to create again, for both of them. They were able to login with their passwords so assuming it was all correct.
The real reason for the failure here is that when making this call to parse hash after auth0 authenticates and sends me back to my app url
this.angularAuth0.parseHash((err, authResult) => {
if (authResult && authResult.accessToken && authResult.idToken) {
//do my app login stuff
}
else{
//something went wrong during login .... check the err object
}
the **err** object returns an error with the following information
{
errorCode: 'invalid_token'
errorDescription: 'Expired token'
}
If they were using wrong passwords they should not have reached this stage, dont you think ?
@dan.woda thanks for assisting, unfortunately I dont have access to that user’s machine to get you a HAR file. However the HAR attached in this threard should be good enough I guess ?
Good morning @huzefa.yousuf, It would be helpful to have a separate HAR file from the initial user so we can compare and contrast what may be going in each scenario.
Also can you share the third user’s email with me in a direct message? Thanks!
@James.Morrison I have an update from my end. As mentioned earlier I was using the Auth0-Angular library for authentication. I tried to use the Rest APIs directly and it seems to work no issues.
This leads me to believe that there is something wrong with the client library ?
sure thing, hopefully that helps in resolving this
Solution NOT working for some clients
//intialize Auth0
angularAuth0Provider.init({
clientID: 'YOUR_CLIENT_ID',
domain: 'YOUR_DOMAIN',
responseType: 'token id_token',
redirectUri: 'YOUR_REDIRECT_URI',
scope: 'openid email profile'
});
//Then on my login page, do this
this.angularAuth0.authorize();
//This will take to Auth0 login page, once user's logged in, Auth0 will redirect back to the callback page where I do this
this.angularAuth0.parseHash((err, authResult) => {
if (authResult && authResult.accessToken && authResult.idToken) {
//everything good ... redirect to home page
}
else{
//something went wrong
}