We are integrating Auth0 with the Wordpress plugin. The set up has been working for weeks now – first in development, and then launch last week. Two days ago a couple of users received this error when trying to log in:
“There was a problem with your log in: There is a user with the same email. [error code: unknown]”
This error appears to be coming from the Wordpress site – the message looks like a standard Wordpress error message, and the user history in Auth0 shows a successful log in. No errors are reported in the log on the Wordpress site.
The only way I’ve been able to resolve the issue for these clients has been by deleting and recreating their accounts (both Wordpress and Auth0).
But now many more users are running into this problem (both brand new users, and ones who have been using the tool for a few days) AND the fix of deleting and recreating their accounts is no longer working. Of course, I have not been able to recreate the error with my own test accounts, only with accounts for users who have reported the problem.
The only thing that has changed is that on Friday we moved up to a paid-level account with Auth0. But everything was working fine for a couple of days after that, and some users are still able to log in without a problem.
I’ve double-checked the set up instructions “Configuration of the Login by Auth0 WordPress Plugin” in the Auth0 docs.
Wordpress vs 5.3.2
Auth0 plugin is up to date.
PHP 7.1.33
I’d appreciate any suggestions.
Once this has happened with a log in (successful Auth0 log-in, unsuccessful WP log-in), the user gets the error message as soon as they attempt to access the Auth0 login page, and this persists through browser reboots. So Auth0 sees the logged-in status and bounces the user over to Wordpress, but there the error appears. Private browser windows work, so I’m guessing this is a cookie situation.
This error happens when an incoming successful Auth0 login has the same email address as an existing WordPress user but a different Auth0 user ID. This can happen if you already have a DB user and then use Google to login with the same email address but don’t have account linking on.
Let me know if this helps.
Thanks,
Dan
P.S. If you reply to your own post it removes it from our unanswered category, and will be harder to get an answer.
Figured it out and thought I should share what I found, though it is likely related to custom code on our site.
For some reason, the Auth0 ID that was returned to the WP site was not being captured properly. What is odd is that this only happened about 50% of the time, and started without any obvious triggering change (no changes to WP code in particular).
So Auth0 would send someone back to the site after logging in, but Wordpress could not connect the user to an account and would try to create a new one. Of course, WP would see that a user already existed with that information and would throw the error.
This problem was with custom code created using the Auth0 API. Still not sure why it would work sometimes and not others, and what changed to start the problem. We fixed it by adding an additional layer of checking to handling that value.
If you are running into this problem, check the auth0_id and auth0_obj items for the affected users in the usermeta table. If the auth0_id value is empty, that’s your problem. You can fix it on a case-by-case basis by looking up the users’ ID in Auth0, but to fix the problem you’ll have to figure out why that value isn’t being captured.
Just to be clear, this all applies to the Auth0 Wordpress plugin. If you’re not using that plugin, you likely won’t have or need those user_meta values. Also, to be clear, those user_meta values have the prefix of your WP tables – so by default would be ‘wp_auth0_id,’ and ‘wp_auth0_obj.’