Auth0 embedded form - invalid state

Hi All,

I am unsure where to post this, so if this needs to be moved, please let me know.

I have an issue with embedded login (using lock js) once it has redirected the user(to the specified redirect url).
I have implemented a test auth0 login using the PHP SDK which works ok, see below:

I call SDK Auth0->login(), and it redirects to the auth0 login page, type in the email & password, and it redirects back off to my site:

On this page, I make:
$auth0 = new Auth0([
‘domain’ => $this->getAppDomain(),
‘client_id’ => $this->getAppClientId(),
‘client_secret’ => $this->getAppClientSecret(),
‘redirect_uri’ => $this->getAppRedirectUri(),
‘scope’ => $this->getAppScope(),
And then getUser() from this.

And as part of the exchange: $this->transientHandler->verify(self::TRANSIENT_STATE_KEY, $state) this passes.

However, using the embed login (via lock js) I can see the user is logged in correctly in auth0 logs, and it gets redirected back to the correct place:
However, I get the error “invalid state” and $this->transientHandler->verify(self::TRANSIENT_STATE_KEY, $state) this fails. As in verify $this->getOnce($key) returns NULL.

If there is anything else I can provide, please let me know.