Overview
A Single Page Application with an embedded login form using Auth0.js is now trying to authenticate users with an email passwordless connection.
Some users see this error in the browser address bar after entering the OTP code sent to their email.
https://APPLICATION_CALLBACK_URL?error=server_error&error_description=Unable%20to%20configure%20verification%20page.&state=
After enabling a custom domain with the same top-level domain as their application and updating the Auth0.js library to the latest version, the users started seeing this error upon entering the code:
Something Went Wrong
The link must be opened on the same device and browser from which you submitted your email address.
Applies To
- Embedded Login
- Passwordless Connection
Cause
An old version of SDK was used and the passwordless flow was started on a different domain.
To make it work from localhost, a tenant flag must be enabled.
Solution
- Make sure to use the latest version of Auth0.js.
- With the Management API call the Update tenant settings endpoint with this payload:
{"universal_login":{"passwordless":{"allow_magiclink_verify_without_session":true}}}
Review Auth0.js v9 Reference for more details.