My client is requiring consent for ‘Profile’ and showing the consent dialog [normally] or producing a consent_required error in the logs when doing prompt=none.
Conditions:
- I’m not using localhost. It’s a vercel domain. The word ‘localhost’ doesn’t appear in any of the configuration (callback, login, etc
- My audience is only the userinfo endpoint. It’s not a custom API, thus no ability to say ‘Allow skipping user consent’ in API settings
- I am using a custom domain, so auth. is different than the interpreted audience (which is https://.us.auth0.com/userinfo [but i’m not manually sending an audience
- The scope being used is openid profile email
- OIDC-compliant is enabled
What am I doing wrong?!
Adding react code [using auth0-spa-js:
createAuth0Client({
domain: 'auth.company.tld',
clientId: 'XXXXXXXXXXX',
authorizationParams: {prompt: 'none'}
}).then(auth0 => {
auth0.loginWithRedirect().then( li => {
auth0.getUser().then(user => {
console.log(user);
});
});
});