So i have initialized an auth0 secret using the openssl command and set it up in my application in the auth0 service initilaization code and it is a session based authorization , and using it for past 3 months. but recently in the middleware i got an error saying jwe decryption failure and i havent changed the auth0 secret in the app or in the environment variables,but when i generated a new auth0 secret and set it up , the issue was resolved and no error was occuring and the jwt was decrypted correctly.
I am using nextjs auth0 v4. the decryption of the session was happening in the middleware , and an error occured till i changed auth0 secret.
It appears that the error you have mentioned can be triggered by either a different secret being used for encryption/decryption or a conflicting cookie name which can cause the SDK trying to decrypt the wrong cookie. This can also happen if you have different applications running on different ports locally, they may overwrite each other as the cookie storage is not separate for each port.