Consent Required for userinfo audience [not localhost]

My client is requiring consent for ‘Profile’ and showing the consent dialog [normally] or producing a consent_required error in the logs when doing prompt=none.

Conditions:

  • I’m not using localhost. It’s a vercel domain. The word ‘localhost’ doesn’t appear in any of the configuration (callback, login, etc
  • My audience is only the userinfo endpoint. It’s not a custom API, thus no ability to say ‘Allow skipping user consent’ in API settings
  • I am using a custom domain, so auth. is different than the interpreted audience (which is https://.us.auth0.com/userinfo [but i’m not manually sending an audience
  • The scope being used is openid profile email
  • OIDC-compliant is enabled

What am I doing wrong?!

Adding react code [using auth0-spa-js:

    createAuth0Client({
      domain: 'auth.company.tld',
      clientId: 'XXXXXXXXXXX',
      authorizationParams: {prompt: 'none'}
    }).then(auth0 => {
       auth0.loginWithRedirect().then( li => {
        auth0.getUser().then(user => {
          console.log(user);
        });
       });
    });