If you’ve tried the recommendations suggested, then the next thing is to confirm what’s being sent to Auth0. If the interaction with Auth0 is from the front end, you should be able to generate a HAR file via the browser that will contain the necessary information. Here is the link to our Docs page that will tell you how to do this: Generate and Analyze HAR Files. Once you have the HAR file and have followed the best practices regarding the removal/obfuscation of sensitive data, feel free to share it (the HAR file), and I’ll take a look at it to see what might be going on 