Auth0 Token not set in Incognito window

Help
,
1

When im in incognito mode in browser(any browser) or when 3rd party cookies are blocked, getAccessTokenSilently, throws error ‘login required’, even though i logged in using login form, auth0 cookies are not set. I have custom domain. My angular application is on authentication.elso.org and auth0 custom domain is auth.elso.org. Here is the screenshoot. We are on enterprise plan.

auth0 cookies
auth0 cookies2547×987 72.9 KB

Here is how my provideAuth0 looks like:

 provideAuth0({
      domain: 'elso-auth.us.auth0.com',
      clientId: 'myclientid',
      skipRedirectCallback: true, 
      useRefreshTokens: true,
      cacheLocation: 'localstorage',
      useRefreshTokensFallback: true,
      cookieDomain: '.elso.org',
      authorizationParams: {
        redirect_uri: window.location.origin, 
        audience: 'https://elso-auth.us.auth0.com/api/v2/'
        , scope: 'openid profile email offline_access'

      }
    }),
3

I figured out one solution to fix this, and another one with with help of Auth0 Support named Rodrigo Uberto.

this.auth.getAccessTokenSilently().subscribe({
          next: (res) => {
            console.log('logged in BINGO');
          },
          error: (err) => {
            console.log(err);

            if (err.error_description == 'Login required') {
              this.auth.loginWithRedirect();
            }
  

          }
        });

Also cacheLocation: ‘localstorage’ for provideAuth0 is required for this to work. Refresh token properties were not important, i tested without them and it worked. Also, previously i had those two logins on separate routs, where first rout called ‘this.auth.loginWithRedirect()’, and i passed redirect parameter to second rout, where getAccessTokenSilently() was called, but that didnt work.

Auth0 support solution was to add custom domain in provideAuth0, ‘domain’ property, looks simple but didnt find precise explanation on that in auth0 documentation. Dont place ‘our-custom-domain.us.auth0.com’, place ‘your-custom-domain’. Also if you are validating token in backend .net for example, custom domain name must be placed there also, in ValidIssuer field, and dont use ‘https://your-custom-domain.us.auth0.com’ in there also.

1 Like
4

Hi @sjh1,

I’m glad you were able to solve this with the help of our Developer Support engineer.

Please feel free to reach out to us again if you have any additional questions.

Thanks,
Rueben