401 Unauthorized Error on a Single Device – Missing Headers Issue

Hey everyone,

I’m running into a 401 Unauthorized error, but only on one specific device. The issue seems to be that this device doesn’t add headers to the request, while all other devices work just fine.

I can successfully retrieve the token in the app and verify that it’s valid, but Auth0 blocks header addition on this one device.
Here’s what I get in the logs:

_HttpHeaders {headers: undefined, normalizedNames: Map(0), lazyUpdate: null, lazyInit: ƒ}


What I’ve tried so far:

 Cleared cookies, cache, and temp files
 Logged out and back in
Still no luck 😔

Does anyone know how to fix this?

Here’s my code for retrieving headers. Maybe I’m missing something?


getAuthHeaders(): Observable<HttpHeaders> {
  return this.auth0.getAccessTokenSilently().pipe(
    catchError((error) => {
      console.error('Error fetching token:', error);

      if (error.error === 'login_required' || error.error === 'consent_required') {
        this.auth0.loginWithRedirect();
        return throwError(() => new Error('Login required'));
      }

      return throwError(() => new Error('Failed to fetch token'));
    }),
    switchMap((token) => {
      try {
        const decodedToken: any = jwtDecode(token);
        const tenant_id = decodedToken.tenant_id;

        const headers = new HttpHeaders()
          .set('Authorization', `Bearer ${token}`)
          .set('tenant-id', tenant_id);

        return of(headers);
      } catch (decodeError) {
        return throwError(() => new Error('Token decoding error'));
      }
    })
  );
}

I’m certain the backend isn’t the issue, as the problem only occurs on this one device when there’s a route guard.

Any ideas? Thanks in advance! :rocket:

Updating as the discussion moved to the DM,

The issue most likely occurs due to the company’s hardware security software.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.