I’ve tried to test the Auth0 integration with an ASP.NET 4.6.1 application by using the following quickstart:
I downloaded the example and hooked it up with my default app, added the roles rule as per the tutorial and if I try to access the /Account/Admin route with an “admin” role, everything works as expected.
The problem appears when I try to access this route with any other role.
Expected result: I am redirected to the homepage (or the callback url of my choice).
Actual result: The app starts an infinite loop that ends with a ““OpenIdConnectMessage.Error was not null, indicating an error. Error: ‘access_denied’. Error_Description (may be empty): ‘’. Error_Uri (may be empty): ‘’.”” error.
I tried investigating myself but I am out of ideas. Has anyone else encountered this?
In case it helps anyone, easiest way to reproduce:
- use the example code provided in the quickstart
- assign the user a “user” role (in the example’s case, the user’s email should not end with “example.com”)
- try to access the /Account/Admin route