I am able to create new users and authenticate existing users via social sign-in (e.g. Google mail)
While I am able to create new users with the Username-Password connection, I am unable to authenticate existing users. The login process fails with an error 403
and the message “invalid state.”
A copy of request and response data is pasted below.
Curiously when I test the connection in the Dashboard with “Try Connection” the appropriate user authentication data is returned and the callback URL is executed.
Haven’t been able to pin down exactly what “Invalid State” refers to.
In both cases described above I am using the default configuration for hosted pages for the Lock UI and as well as for the Custom UI. Lock v10 and/or Auth0 v8.
HTTP Response: { code: "access_denied", description: "Invalid state", name: "AnomalyDetected", statusCode: 403 }
HTTP Request: { client_id: "v072atWuRuvn1v1KFeJ8NF393UEMX58b", connection: "Username-Password-Authentication", password: "foobarbaz", redirect_uri: "http://localhost:3000/", response_type: "code", tenant: "altrdpdgm", username: "sean.travis.taylor@icloud.com", _csrf: "deprecated" }