Angular Auth0 Interceptor blocking all api calls unless logged in [Fixed]

Hi new here thanks in advance for any help so Im using the Angular Auth0 SDK I have had no problems implementing it into my app until now my issue is that any call I make using angular HttpClient is getting picked up by the Interceptor which requires you to be logged in to make calls in my chrome console it errors with the following

{error: "login_required", error_description: "Login required", state: "removed"}

My question is can you allow users to make certain calls without being logged in for instance I have to pull a user list from my Mongodb collection on ngOnInit from the very first second you load the page to populate a users list. Which currently cant happen due to this issue. If anymore information is required please feel free to ask.

Hey guys so i figured it out i had to make an adjustment to the interceptor where I have a list of whitelisted urls if that url is on the whitelist we essentially skip over it and do nothing handling wise ill put the code here if anyone is interested or has any better suggestions.

import { Injectable } from '@angular/core';

import {





} from '@angular/common/http';

import { AuthService } from '../authentication/auth.service';

import { Observable, throwError } from 'rxjs';

import { mergeMap, catchError } from 'rxjs/operators';


  providedIn: 'root'


export class InterceptorService implements HttpInterceptor {

  constructor(private auth: AuthService) { }


    req: HttpRequest<any>,

    next: HttpHandler

  ): Observable<HttpEvent<any>> {


    if(req.url === 'https://*********/users'){

      return next.handle(req)


    return this.auth.getTokenSilently$().pipe(

      mergeMap(token => {

        const tokenReq = req.clone({

          setHeaders: { Authorization: `Bearer ${token}` }


        return next.handle(tokenReq);


      catchError(err => throwError(err))



1 Like

Thanks a lot for sharing it with the rest of community!

1 Like

of course also i didnt show my finished example but obviously in the end that will be an array or a file containing all the whitelisted urls

1 Like

Thanks for the context!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.