Auth0 Failed Silent Auth on Safari/iOS Chrome Mobile with Rotational Refresh Tokens ON and Custom Domains ON

Hi there,

Here is the situation:

This works:
I have set up my production site (e.g. www.production.com) with a custom domain like auth.production.com in the Auth0 dashboard. After authorizing with Auth0, it goes back to www.production.com successfully on all browsers and iOS devices.

This doesn’t work:
However, when I test Auth0 Universal Login on my staging domain (e.g. www.staging.com), this doesn’t work at all.

Before this post, I have tried all relevant solutions:

1. Set up rotational refresh tokens and use useRefreshTokens={true} and cacheLocation="localstorage" in my latest Auth0 React SDK "@auth0/auth0-react": "^1.8.0".

See this link: community.auth0.com/t/silent-authorization-not-working-after-login-signup/37114

2. Double checked on Refresh Token Rotation

3. Went through Troubleshoot Renew Tokens When Using Safari

I made sure when I turned off Prevent cross-site tracking my staging domain worked.

So, after all that, can you please give me some direction on solutions for develop and staging envs? What if those domains are all separate without sharing the same parent domain?

Do I have to purchase another tenant for different envs? I’m afraid that this is going to make the development process very complicated as I would have to do data transitions a lot!

Or, can I have multiple custom domains for all my different envs?

Thanks!

I think I found out the root cause:

When you call getAccessTokenSilently are you using the same audience and scope that is set in the Auth0Provider? I’ve seen in some cases that silent auth will be required because a new scope or audience is requested after the app initiates. Silent …

By the way, this is definitely a new thing, as earlier this year all of the above worked, but somehow recently I found out we will need to pass in both the exact scope and audience to Auth0Provider.

Can I track those software updates, by the way?
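
The two conditions this thread ends up with, a getAccessTokenSilently call whose audience or scope differs from the Auth0Provider's and an app host that is not on the same site as the Auth0 custom domain, can be checked together. The following is an added example, not code from the thread or from the Auth0 SDK. It assumes the SDK's default scopes are `openid profile email`, that a call inherits the provider's audience when none is given, and that comparing the last two hostname labels approximates "same site"; the function names and audience URLs are hypothetical.

```javascript
// Added diagnostic sketch, not Auth0 SDK code. All sample values are constructed.
const DEFAULT_SCOPES = ['openid', 'profile', 'email']; // assumption: SDK defaults

// Turn a space-separated scope string into a Set, adding the assumed defaults.
function scopeSet(scope, useRefreshTokens) {
  const set = new Set([...DEFAULT_SCOPES, ...(scope || '').split(/\s+/).filter(Boolean)]);
  if (useRefreshTokens) set.add('offline_access'); // refresh tokens need this scope
  return set;
}

// Heuristic same-site test on the last two DNS labels.
// Assumption: fine for example.com-style names; real code needs the Public Suffix List.
function sameSite(hostA, hostB) {
  const site = (h) => h.toLowerCase().split('.').slice(-2).join('.');
  return site(hostA) === site(hostB);
}

// Flag getAccessTokenSilently calls that request an audience or scope the
// Auth0Provider login did not cover, and whether that request is cross-site.
function findSilentAuthRisks(provider, appHost, calls) {
  const granted = scopeSet(provider.scope, provider.useRefreshTokens);
  const crossSite = !sameSite(provider.domain, appHost);
  return calls.map((call, index) => {
    const audience = call.audience ?? provider.audience; // assumption: inherited if omitted
    const newScopes = [...scopeSet(call.scope, false)].filter((s) => !granted.has(s));
    const audienceChanged = audience !== provider.audience;
    const needsSilentAuth = audienceChanged || newScopes.length > 0;
    return { index, audienceChanged, newScopes, needsSilentAuth,
             crossSiteSilentAuth: needsSilentAuth && crossSite };
  });
}

// Constructed configuration mirroring the thread's hostnames.
const provider = { domain: 'auth.production.com', audience: 'https://api.production.com',
                   scope: 'read:orders', useRefreshTokens: true };
const calls = [
  {},                                            // same audience and scope as the provider
  { scope: 'read:orders write:orders' },         // adds a scope
  { audience: 'https://reports.production.com' } // different audience
];
for (const host of ['www.production.com', 'www.staging.com']) {
  console.log(host, JSON.stringify(findSilentAuthRisks(provider, host, calls)));
}
```

A call reported with `crossSiteSilentAuth: true` matches the staging case in this thread, where login only worked with Safari's Prevent cross-site tracking turned off.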
