I’m also seeing a similar issue. In fact, the user does not even need to refresh the page to see it. Instead, they see the ‘some body keys are invalid’ issue after changing their password. The password is not changed.
Specifically I’m seeing this issue when reseting password in the Brave browser (
Version 1.66.118). Resetting password in Chrome works. I suspect it’s related to Brave’s privacy settings? I added my domain (I use a custom domain for Auth0) to allow 3rd party cookies in Brave’s settings but am still seeing the same issue when resetting password. Note that I can still log in on Brave browser with an existing password.