I had working auth workflow using Lock widget (popup, google account) and signing in with customToken to Firebase. Then I had to update settings by adding one more host to “Allowed Origins (CORS)”. Initially I was getting error “invalid grant types: client_credentials” but when I chose “Client Type” => “SPA” I was able to save settings. But after that the auth workflow became broken - I’m getting error “Grant type ‘http://auth0.com/oauth/legacy/grant-type/delegation/id_token’ not allowed for the client” in the response for https://***.auth0.com/delegation request in the Dev console.
Which changes are required now to get working signing in with customToken to Firebase?