Error login_required when in incognito using auth0-js WebAuth

a3h16 · October 1, 2023, 11:38pm

when registering using auth0-js v9 new WebAuth in an incogntio window using google chrome, I am met with the login_required error.

The registration is fine when in a non incognito tab so the audience, clientId and domain creds passed below we can presume correct.

new WebAuth({
      clientID,
      domain,
      audience,
      responseType: 'token id_token',
      redirectUri,
      scope: 'openid profile offline_access'
})

[WebAuth].authorize(
     {
        email,
        connection,
        authorizeCallType: "registration",
        redirectUri,
        state,
      },

I have also tried the suggested refresh token rotation and updated the following settings;
The api access settings has Allow Offline Access toggled on and the application has its Refresh Token Rotation toggled on with a reuse interval of 30003

With these two enabled and offline_access added to the scope (see above), I no longer get login_required; however I get a missing_refresh_token error

How can I allow registration within an incognito tab?

dan.woda · October 4, 2023, 6:21pm

Hi @a3h16,

Refresh tokens aren’t supported in Auth0.js, so that approach wont help here.

Could you please DM me a HAR file of the request? I’d like to see the call that is being made and the response.

system · October 26, 2023, 2:24pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.