I am trying to make auth0.js v8 renewAuth
work in my SPA.
I have a management api set in my account ( https://remoto-dev.auth0.com/api/v2
).
I created a silent-authentication callback page ( http://localhost:4200/silent-authentication.html
) and added it to the list of Allowed Callback Urls. Also, I added https://remoto-dev.auth0.com
to the list of Allowed Origins.
My callback page follows @jmangelo example from another question:
<!DOCTYPE html>
<html>
<head>
<script src="https://cdn.auth0.com/js/auth0/8.0.4/auth0.min.js"></script>
<script type="text/javascript">
var webAuth = new auth0.WebAuth({
domain: 'remoto-dev.auth0.com',
clientID: 'KGo7Zr98BNJlFjgquRNM4vziGmpg7jfx'
});
var result = webAuth.parseHash(window.location.hash, function(err, data) {
debugger;
parent.postMessage(err || data, "https://localhost:4200");
});
</script>
</head>
<body></body>
</html>
Still, I get:
{
"date": "2017-06-22T16:16:32.397Z",
"type": "fsa",
"description": "Service not found: https://remoto-dev.auth0.com/api/v2",
"client_id": "KGo7Zr98BNJlFjgquRNM4vziGmpg7jfx",
"ip": "189.6.84.54",
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36",
"details": {
"body": {},
"qs": {
"client_id": "KGo7Zr98BNJlFjgquRNM4vziGmpg7jfx",
"response_type": "token",
"redirect_uri": "http://localhost:4200/silent-authentication.html",
"scope": "openid profile offline_access",
"audience": "https://remoto-dev.auth0.com/api/v2",
"prompt": "none",
"response_mode": "fragment",
"state": "z6mHifbf3do2aau0hHRe3oKz-AZhCc.A",
"auth0Client": "eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOC42LjEifQ=="
},
"connection": null,
"error": {
"message": "Service not found: https://remoto-dev.auth0.com/api/v2",
"oauthError": "access_denied",
"type": "oauth-authorization"
}
},
"log_id": "49574347664067592668682869819056035602820627264725581858"
}
Why is my access to remoto-dev.auth0.com/api/v2
denied?
(sidenote: I am trying to renew every time I login, so I do not check if the token expired or if I got a 401 when trying to login, could it be a problem?)