Last Remembered login - invalid token

EdZz · November 16, 2017, 2:39pm

I’ve got a small issue with the last login feature of the lock widget. When a user has successfully logs in and the proceeds to log out, but then tries to login again, the last login feature is invoked, great! However, when i do click on the user that was just logged out and error is raised in the browsers console

Error Message:

{error: "invalid_token", errorDescription: "`state` does not match."}

Strangely enough, the official Auth0 site Lock Widget behaves differently, in that once logged out, the last remembered login is used, but forces the user to login again - makes sense.

I’m not sure how to start debugging this, but any help is most appreciated!

jmangelo · November 24, 2017, 7:07pm

You should update the question with additional information to help reproduce this, in particular:

confirm that you’re using Lock embedded in the client application itself;
Lock version being used and how it is configured;
what does the logout action in your client application perform? Does it only clear the local session, does it call any endpoint in Auth0?