I’m calling auth0-js’ WebAuth’s authorize function. The user (who has previously logged in successfully) is being immediately logged in without the Auth0 hosted lock login page displaying. Auth0 is immediately directing to my callback with valid data in the callback URL though, including a valid ID token and Access Token. This issue only seems to occur with a user registered directly with Auth0. Identity providers are working fine. Once this occurs, I have no way to log in as a different user since the login page won’t display.
I’m using the uncustomized lock login. Is this a bug? Here’s a video showing my setup and the behavior: https://www.dropbox.com/s/00ekmr1f5aj2y7k/auth0bug.mp4?dl=0