Auth0-spa-js must run on a secure origin

luke1 · May 12, 2020, 11:25pm

I’ve tried to deploy my React SPA application on an AWS S3 bucket.

The site works successfully on Safari, but I receive this error in chrome:

Uncaught (in promise) Error: 
      auth0-spa-js must run on a secure origin.
      See https://github.com/auth0/auth0-spa-js/blob/master/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin 
      for more information.

I’ve looked at this: auth0-spa-js/FAQ.md at master · auth0/auth0-spa-js · GitHub
And this:
Working with auth0-spa-js locally

Neither of which seem to help.

The site runs on http, but it’s odd that works on Safari, not chrome.

Edit: it also works on chrome mobile, so the only place that it does not work is Chrome desktop.

ktyra · May 19, 2020, 2:43am

This same issue occurs on Firefox. My app is a react app running in a NGINX container in fargate.

Auth0 - please help

I’m sure this runs fine on SSL protected circuit/load balancer but it should also work on a non SSL connection.

Note: This behaviour does not exibit it self when routing through ngrok

vizdatanamix · June 18, 2020, 9:22pm

I am also facing the same issue as @luke1.
No luck so far…

luke1 · June 18, 2020, 10:47pm

UPDATE: I never found a solution and just switched it to https

banalytics · August 28, 2020, 8:41pm

I’ve NEVER seen a forum topic where an Auth0 engineer fucking replies and helps, they are forcing everyone to pay for support… Why no auth0 staff member ever replies??? Do they check the ■■■■■■■ forum???

k-auth0 · February 19, 2021, 5:28pm

I would like to know how to fix the issue

Qusai.Sabri · March 2, 2021, 1:48am

I had the same issue while I was developing on a local network,

The problem:
My application is using auth0-react (redirect with popup), everything was working fine on Chrome but the app was not working on Safari, unless every user has to remove the default pop-up blocker on Safari.

I was running my React/.Net Core app on a windows machine and wanted to access the site from a mac on the same network to debug the issue,

The solution:
Switching to using HTTPS solved it for me,

Follow this link to set up HTTPS in Development for a React app:

I hope this helps someone

Happy Coding !

konrad.sopala · March 2, 2021, 8:22am

Thanks for sharing that with the rest of community!

system · March 17, 2021, 8:22am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
http://SPA ... auth0-spa-js must run on a secure origin Help	3	6293	March 4, 2020
Auth0-spa-js must run on secure origin - issue in FireFox when using localhost Help	0	2001	July 13, 2022
Allow access of auth0-react app using IP address instead of localhost Help auth0	2	2542	October 28, 2022
Working with auth0-spa-js locally Help	9	15033	January 9, 2020
Hosting auth0-spa-js plugin -After hosting in apache Getting error (auth0-spa-js must run on a secure origin.) Help	2	3938	May 26, 2020

Auth0-spa-js must run on a secure origin

Related topics