[auth0-angular] HTTP interceptor error when user is not logged in

Hi,

I’m using the auth0-angular HTTP interceptor to attach tokens to my API calls.
Now, I want to make calls to the same API when the user is not logged in (to get some basic ‘public’ information), but the interceptor is reporting “Error: Login required”.

I assume that the interceptor wants to add the token in any case and just breaks if there is none. Wouldn’t it be better to just transmit the HTTP request without an authorization header in that case and let the API deal with it?

Does anybody have an idea for a quick workaround?

Thanks
DS

5 Likes

Same question… we have certain endpoints that require authentication and others that do not. It would be much easier if the HTTP Intercepter sent requests regardless, just without access tokens if the user is not logged in.

1 Like

I’m encountering the same problem

I had this same problem using the spa sdk but I was able to resolve it by modifying the InterceptorService file similiar to this: Angular Auth0 Interceptor blocking all api calls unless logged in [Fixed] - Auth0 Community

I think it would be reasonable to have an “ignoredList” parameter on the HttpInterceptorConfig where you could list your anonymous endpoints.

Is there anywhere this can be submitted as a bug/feature?

FYI, here is how I’m working around it. Although I wouldn’t call this thoroughly tested yet…

export class AuthHttpInterceptorExtended  extends AuthHttpInterceptor {  

  intercept(
    req: HttpRequest<any>,
    next: HttpHandler
  ): Observable<HttpEvent<any>> {
    if (req.url.endsWith('guest/network-summary')) {
      return  next.handle(req);
    }
    else {
      return super.intercept(req, next);
    }
  }
}
1 Like

Thanks for sharing that with the rest of community! Yep I think you can report it through appropriate GitHub repo as we have feature requests built-i. Once you do that please share the link to it here. Thanks!

Hi Edward, I believe it is possible now in the new version of the auth0 angular package.
You can find examples of whitelisting URLs at the github page at this link: auth0-angular

1 Like

Thanks for sharing that!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.