After a user resets their password using the forgot password flow (clicks forgot password → Gets an email → clicks link → resets their password) if they refresh the page and resubmit the form, they see a plain white screen that only says “some body keys are invalid”. This is pretty unprofressional. Is there a way for us to clean this up?
Some customer of us had the same experience. Any updates?
I’m also seeing a similar issue. In fact, the user does not even need to refresh the page to see it. Instead, they see the ‘some body keys are invalid’ issue after changing their password. The password is not changed.
Specifically I’m seeing this issue when reseting password in the Brave browser (
Version 1.66.118). Resetting password in Chrome works. I suspect it’s related to Brave’s privacy settings? I added my domain (I use a custom domain for Auth0) to allow 3rd party cookies in Brave’s settings but am still seeing the same issue when resetting password. Note that I can still log in on Brave browser with an existing password.
Hi @cameron4
Thank you for posting your question on the Auth0 Community!
I am sorry about the late reply to your inquiry.
It appears that there is an item in our backlog regarding tackling this issue which is being worked on by our engineers. Unfortunately, I am unable to provide an ETA to when will this be resolved or what appears to cause it.
It might be something related to the session state being invalid (where a parsed in parameter is not encoded correctly) or it gets invalidated when reaching the password reset screen/staying idle too long on the page itself.
I will keep you up to date regarding as soon as we have further updates on the matter and I am sorry about the inconvenience this has caused. We appreciate any kind of feedback regarding the issue!
Kind Regards,
Nik