400 error on login with second application

We are struggling with a 400 error on a login attempt. Here’s the general description:

  • We have a native application that works fine with Xamarin.
  • We can reuse that application on our SPA (Angular) portal, and it works fine after we add the appropriate callback and logout URLs.
  • We have used both the Angular SDK, following the getting started guide, and the auth0-js SDK.
  • When we create a new application and change the Angular code to use that client ID, login for the same users fails. The browser debug shows a 400 status code from the “xxx.auth0.com/u/login…” request.
  • We’ve tried it with the new application being SPA, and Native, with (we think) identical configuration to the working app.
  • We thought it was something to do with localhost and the user consent stuff, but deploying it on our development server on Azure yields the same result.
  • The new applications have all of the connections enabled.

Is there some restriction, or stickiness, on using the same users on multiple applications? Very puzzled here.