checkSession() always fails with "login_required" error message unexpectedly

Hi guys,

Unexpectedly starting this evening, I’m getting errors while performing the lock.checkSession() call, returning the error:

{error: "login_required", error_description: "Login required"}

I’m using the lock.js library to implement the renew token flow, I’ve my function:

  public renewToken(): Observable<boolean> {
    let response: Subject<boolean> = new Subject();
    if (!this.lock) {
      this.lock = new lock.Auth0Lock(this.clientId,
        this.domain,
        this.lockOptions);
    }
    this.lock.checkSession({}, (err, result) => {
      if (err) {
        console.warn("Error during token refresh", err);
        response.next(false);
      } else {
        this.setSession(result);
        response.next(true);
      }
    });

    return response.asObservable();
  }

where this.lockOptions has the following values:

{
  "allowedConnections": [
    "connection-local"
  ],
  "theme": {
    "logo": "/assets/img/logo-black-small.png",
    "primaryColor": "#3f48cc"
  },
  "rememberLastLogin": false,
  "allowSignUp": false,
  "allowForgotPassword": true,
  "languageDictionary": {
    "forgotPasswordAction": "Do you need to reset your password?",
    "title": ""
  },
  "auth": {
    "redirectUrl": "http://localhost:4200/callback",
    "responseType": "token id_token",
    "audience": "frontend_api",
    "params": {
      "scope": "openid profile"
    }
  }
}

the version I’m using are the following:

"auth0-js": "9.8.2",
"auth0-lock": "11.12.0"

I’m trying to figure out what’s the problem, I’m not using social or sso logins, plain database connection. I’m looking at the deployed rules and Auth0 logs and all seems fine.
I’ve checked if there was any problem with the browser configuration (maybe because of a new update), but even this doesn’t seem the case (both firefox and chrome are not working).

The application is deployed on different environment and uses different auth0 tenants and until yesterday was working fine, what might be causing this issue ? might it be some error on the auth0 apis ?

is anyone facing the same error ?

Any help is very appreciated, thank you

Hey there @pierluigi.montagna!

I’ll help you debug this working with Lock and auth0.js maintainers! Can you let me know if the issue is still there and secondly if you’ve made any changes before it started happening?

Hi @konrad.sopala thanks for replying.

The issue resolved completely by itself, I don’t think it was about the lock.js at all.
Yesterday morning the token renew started working again in every environment, it probably was an internal error on auth0 /authorize endpoint that was later fixed.
I the end I didn’t change anything, the application is deployed in 3 different environment and uses 3 different auth0 tenant that around 10am yesterday started magically to work again one after another.

I was really surprised and I didn’t know what to do, thought I should change some parameter in the lock.js configuration, but nothing helped. In the auth0 logs all I could see was Silent Authentication Failed.

Was I the only one experiencing this ?

Not sure to be honest. We had an outage that resulted in elevated response times for multiple APIv2 endpoints but it was tomorrow and you reported the issue two days ago. Glad it’s working eventually :slight_smile:

For future reference you can check Auth0 services status here:

https://twitter.com/auth0status

1 Like

Thank you @konrad.sopala :slight_smile:

1 Like

No worries! We’re here for you!

It started to happen again, the first case at: 2019-06-04T15:48:31.783Z
is there some problem on auth0 side ?