[auth0-angular] HTTP interceptor error when user is not logged in

admin44 · October 2, 2020, 6:55am

Hi,

I’m using the auth0-angular HTTP interceptor to attach tokens to my API calls.
Now, I want to make calls to the same API when the user is not logged in (to get some basic ‘public’ information), but the interceptor is reporting “Error: Login required”.

I assume that the interceptor wants to add the token in any case and just breaks if there is none. Wouldn’t it be better to just transmit the HTTP request without an authorization header in that case and let the API deal with it?

Does anybody have an idea for a quick workaround?

Thanks
DS

noragrossman · November 17, 2020, 11:51pm

Same question… we have certain endpoints that require authentication and others that do not. It would be much easier if the HTTP Intercepter sent requests regardless, just without access tokens if the user is not logged in.

ffischer · January 5, 2021, 5:44pm

I’m encountering the same problem

Edward · January 25, 2021, 1:36pm

I had this same problem using the spa sdk but I was able to resolve it by modifying the InterceptorService file similiar to this: Angular Auth0 Interceptor blocking all api calls unless logged in [Fixed] - Auth0 Community

I think it would be reasonable to have an “ignoredList” parameter on the HttpInterceptorConfig where you could list your anonymous endpoints.

Is there anywhere this can be submitted as a bug/feature?

FYI, here is how I’m working around it. Although I wouldn’t call this thoroughly tested yet…

export class AuthHttpInterceptorExtended  extends AuthHttpInterceptor {  

  intercept(
    req: HttpRequest<any>,
    next: HttpHandler
  ): Observable<HttpEvent<any>> {
    if (req.url.endsWith('guest/network-summary')) {
      return  next.handle(req);
    }
    else {
      return super.intercept(req, next);
    }
  }
}

konrad.sopala · January 28, 2021, 1:27pm

Thanks for sharing that with the rest of community! Yep I think you can report it through appropriate GitHub repo as we have feature requests built-i. Once you do that please share the link to it here. Thanks!

skerovs · October 25, 2021, 9:53pm

Hi Edward, I believe it is possible now in the new version of the auth0 angular package.
You can find examples of whitelisting URLs at the github page at this link: auth0-angular

konrad.sopala · October 26, 2021, 9:06am

Thanks for sharing that!

system · November 10, 2021, 9:06am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Angular Auth0 Interceptor blocking all api calls unless logged in [Fixed] Help angular , nodejs	5	7014	February 5, 2020
Allow unauthorized http request but add token if authorized Help angular , auth0	0	1732	August 29, 2022
User is logged back in after logging out whenever httpinterceptor is called Help login-experience , new-universal-login-experience	0	755	April 25, 2023
Auth0 angular 7 login redirect loop Help angular , auth0	1	5588	September 11, 2020
httpInterceptor does not add authorization header JWT.io angular , jwt , auth0 , api , login , access-token , authorization	4	5294	January 31, 2023

[auth0-angular] HTTP interceptor error when user is not logged in

Related Topics