Auth0 Secret decryption failure

Hey,

So I have initialized an Auth0 secret using the openssl command and set it up in my application in the Auth0 service initialization code. It is a session-based authorization, and I have been using it for the past 3 months. But recently in the middleware I got an error saying JWE decryption failure, and I haven't changed the Auth0 secret in the app or in the environment variables. But when I generated a new Auth0 secret and set it up, the issue was resolved, no error was occurring, and the JWT was decrypted correctly.

I am using nextjs auth0 v4. The decryption of the session was happening in the middleware, and an error occurred until I changed the Auth0 secret.

I am not able to understand what the issue is.

Hi @tharun

Welcome to the Auth0 Community!

I will need some time to investigate the matter and I will come back as soon as possible with an update!

Kind Regards,
Nik

Hi again @tharun

It appears that the error you have mentioned can be triggered by either a different secret being used for encryption/decryption or a conflicting cookie name, which can cause the SDK to try to decrypt the wrong cookie. This can also happen if you have different applications running on different ports locally; they may overwrite each other, as the cookie storage is not separate for each port.

If you have any other questions, let me know!

Kind Regards,
Nik
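
Both causes named in the reply above can be reproduced with a small model. This is an added example, not part of the original thread and not the SDK's own code: it uses AES-256-GCM from `node:crypto` as a stand-in for the SDK's JWE handling, and the secrets, cookie names and function names are constructed for illustration.

```javascript
// Added example: a simplified model, not the nextjs-auth0 cookie format.
const crypto = require("node:crypto");

// Constructed sample secrets, one per app.
const SECRET_A = "constructed-sample-secret-for-app-a";
const SECRET_B = "constructed-sample-secret-for-app-b";

// Derive a 256-bit key from the configured secret (HKDF-SHA256; info label is an assumption).
function deriveKey(secret) {
  return Buffer.from(crypto.hkdfSync("sha256", secret, "", "session-model", 32));
}

// Encrypt a session object into an "iv.ciphertext.tag" cookie value (AES-256-GCM).
function sealSession(session, secret) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(secret), iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(session), "utf8"), cipher.final()]);
  return [iv, ct, cipher.getAuthTag()].map((b) => b.toString("base64url")).join(".");
}

// Decrypt a cookie value; returns null when authentication fails (wrong key or foreign cookie).
function openSession(value, secret) {
  try {
    const [iv, ct, tag] = value.split(".").map((p) => Buffer.from(p, "base64url"));
    const decipher = crypto.createDecipheriv("aes-256-gcm", deriveKey(secret), iv);
    decipher.setAuthTag(tag);
    return JSON.parse(Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8"));
  } catch {
    return null;
  }
}

// Two local apps share the host "localhost"; the jar is keyed by host and name, never by port.
function simulate(cookieNameA, cookieNameB) {
  const jar = new Map();
  const key = (origin, name) => `${new URL(origin).hostname}|${name}`;
  const appA = { origin: "http://localhost:3000", secret: SECRET_A, cookie: cookieNameA };
  const appB = { origin: "http://localhost:3001", secret: SECRET_B, cookie: cookieNameB };
  jar.set(key(appA.origin, appA.cookie), sealSession({ sub: "user-a" }, appA.secret));
  jar.set(key(appB.origin, appB.cookie), sealSession({ sub: "user-b" }, appB.secret));
  // App A's middleware now reads "its" cookie and tries to decrypt it with its own secret.
  return openSession(jar.get(key(appA.origin, appA.cookie)), appA.secret);
}

console.log(simulate("session", "session"));             // same name: app B overwrote app A's cookie
console.log(simulate("app_a_session", "app_b_session")); // distinct names: app A's session survives
```

When the failure appears without any change to the secret, comparing the cookie names and hostnames of every app run in the same browser profile is the first check, since a cookie written by another app fails decryption exactly like a wrong secret does.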