401 Guardian Missing Authentication error with SAML Addon

Currently we have applications using SAML Addon for authentication, which stopped working sometime between Saturday and yesterday.
It fails at https://tenant.guardian.au.auth0.com/api/start-flow with the JSON response
{"statusCode":401,"error":"Unauthorized","message":"Missing authentication","errorCode":"invalid_token"}

The MFA widget displays the error: “Seems that you are not authorized to perform this action.”

When hitting the https://tenant.au.auth0.com/mf endpoint, the initialised MFA widget has a JWT with a null clientId.

Three applications using this method are failing, but other applications are able to log in with MFA without difficulty. If logging in through a different path and saving the MFA device for 30 days, the SAML endpoints allow login.

This happens with/without rules, and with multiple different users.

This was also working until the last few days, and we haven’t changed anything on our end. Not sure where to go from here.

Hi @Lsenjov, would you be able to capture a HAR file (instructions here) and DM that to me? I’ll take a look at what’s going on.

Make sure to capture the full flow, starting from the application.
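
A way to triage the captured HAR locally for the two symptoms reported above (the 401 from start-flow and a JWT whose clientId is null), as an added example that is not part of the original thread or Auth0's tooling. The function names, the sample HAR and where the token appears in the traffic are assumptions; only the URLs and the clientId claim name come from the post.

```python
import base64
import json
import re

# Three base64url segments; a JSON object starting with {" always encodes to "eyJ".
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*")

def decode_payload(token):
    """Decode a JWT payload for inspection only; the signature is not verified."""
    seg = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))

def triage_har(har):
    """Return (URLs answered with 401, URLs whose traffic carries a JWT with clientId null)."""
    failures, null_client = [], []
    for entry in har["log"]["entries"]:
        req, resp = entry["request"], entry["response"]
        if resp["status"] == 401:
            failures.append(req["url"])
        content = resp.get("content", {})
        body = content.get("text") or ""
        if content.get("encoding") == "base64":  # HAR may store bodies base64-encoded
            body = base64.b64decode(body).decode("utf-8", "replace")
        haystack = body + " " + " ".join(h["value"] for h in req.get("headers", []))
        for token in set(JWT_RE.findall(haystack)):
            try:
                claims = decode_payload(token)
            except ValueError:  # looked like a JWT but the payload is not valid JSON
                continue
            if isinstance(claims, dict) and "clientId" in claims and claims["clientId"] is None:
                null_client.append(req["url"])
                break
    return failures, null_client

def sample_token(claims):
    """Build an unsigned, constructed token for the demo below."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

# Constructed HAR fragment; where the real widget carries its token is an assumption.
SAMPLE_TOKEN = sample_token({"clientId": None, "sub": "user-1"})
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"url": "https://tenant.au.auth0.com/mf", "headers": []},
     "response": {"status": 200, "content": {"text": f'<script>cfg={{"token":"{SAMPLE_TOKEN}"}}</script>'}}},
    {"request": {"url": "https://tenant.guardian.au.auth0.com/api/start-flow",
                 "headers": [{"name": "Authorization", "value": f"Bearer {SAMPLE_TOKEN}"}]},
     "response": {"status": 401, "content": {"text": '{"statusCode":401}'}}},
]}}

if __name__ == "__main__":
    print(triage_har(SAMPLE_HAR))
```

A HAR contains live session cookies and tokens, so treat the file as a credential and send it only over the private channel requested.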

Hey @Lsenjov,

We faced an incident where MFA stopped working for some of our customers.

More information can be found in our Status Page: http://status.auth0.com/incidents/rb4z1181bd4z
