ASP.NET Core error: Correlation Failed: Unknown Location

I have downloaded the ASP.NET Core 2 sample app from Auth0 (https://github.com/auth0-samples/auth0-aspnetcore-mvc-samples/tree/netcore2.1/Quickstart/01-Login). Verified it works as expected locally and all is well.

When I deploy it to my Elastic Beanstalk site, the lock screen appears, but when I attempt a login I get this error

Heck - try it for yourself: http://tadspokerplanning-dev.us-east-2.elasticbeanstalk.com/

The login is recognized on my application dashboard. I just am not returned to the site in the correct state, it appears.

About the Elastic Beanstalk environment - it is very bare bones. No load balancer and no VPC. I am using http. I understand load balancers and otherwise multiple server architectures can produce this error, but I really don’t think that is what is causing this.

I’m getting the same error trying the ASP.NET Core 3 sample code on my Mac… bare bones install, the SampleMvcApp only.

System.Exception: An error was encountered while handling the remote login.
—> System.Exception: Correlation failed.
— End of inner exception stack trace —
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

Hey there guys!

Can I ask you to follow this FAQ here as it seems the best way to handle that most effectively. Thanks! Here’s the FAQ:

https://community.auth0.com/t/i-follow-your-docs-quickstart-and-i-have-a-problem-but-it-has-a-github-repo-what-do-i-do-now/39519/3

Thank you @konrad.sopala for the suggestion.

I went to the GitHub repo and before posting this issue I examined the existing issues. I found the answer / work-around to my problem.

Details here - https://devblogs.microsoft.com/aspnet/upcoming-samesite-cookie-changes-in-asp-net-and-asp-net-core/

In summary Chrome is changing how it regards “SameSite” property of cookies. To get me unblocked, I ended up disabling “SameSite by default cookies” in Chrome flags (chrome://flags/). I don’t consider this a solution, but at least it gets be by for now.

Though it took me until just now to realize it - the problem described only ever existed in Chrome. Edge and Firefox were unaffected.

The people at Auth0 were right. “Identity is complex”

1 Like

Glad to hear that and thanks for sharing with the rest of community!