Failed Silent Auth in Chrome

Hi,

We’ve been developing an app for years with Auth0 with no recent configuration change that we’re aware of. Recently, one of our team members (me) attempted to login and saw the “Looks like something went wrong!” message after a Google SSO login (our primary login method).

Logs show ‘Failed Silent Auth’ with the error message being “Login Required.”

Since I experienced it, two more internal team members have experienced it. We’re on different IPs and none of us can figure out what we’ve done to trigger this. I can say we’re all using Google Chrome.

To work around it, we’ve found success in using Incognito Chrome, Safari, or Firefox. Clearing stored cookies and cache in Chrome did not resolve the issue.

Any ideas?

Thanks

Hi @inabl,

Welcome to the Auth0 Community!

Could you please try a hard refresh on Chome and see if it helps?

Thanks for the reply @lihua.zhang.

I just attempted a hard refresh and unfortunately got the same result. - No resolution.

I am sorry to hear that. Could you please try repeating this issue and then go to Auth0 Dashboard → Monitoring → Logs, and provide us the details of the failure?

Yes! here it is, I removed some information:

“user_agent”: “Chrome 100.0.4896 / Windows 10.0.0”,
“details”: {
“body”: {},
“qs”: {
“client_id”: “xx”,
“response_type”: “token id_token”,
“redirect_uri”: “xx”,
“scope”: “openid profile email”,
“state”: “xx”,
“nonce”: “xx”,
“response_mode”: “web_message”,
“prompt”: “none”,
“auth0Client”: “xx”
},
“connection”: null,
“error”: {
“message”: “Login required”,
“oauthError”: “login_required”,
“type”: “oauth-authorization”
},
“riskAssessment”: null
},
“hostname”: “xx”,
“audience”: “https://xx.auth0.com/userinfo”,
“scope”: [
“openid”,
“profile”,
“email”
],
“auth0_client”: {
“name”: “lock.js”,
“version”: “11.30.0”,
“env”: {
“auth0.js”: “9.16.0”,
“auth0.js-ulp”: “9.16.0”
}
},
“log_id”: “xx”,
“_id”: “xx”,
“isMobile”: false
}

Thank you for providing the log.

I did some research, could you please check if “Allow All Cookies” is enabled on the Chrome setting? Thanks!

Thanks! Took a look and what is selected is: “Block third-party cookies in Incognito.” Interestingly, login works in incognito but fails in a non-incognito session.

Hi! Just checking in on this. We are having more user reports, internally and customers, but all seem to be happening at different times trickling in.

Hi @inabl ,

I noticed that you have two tenants, one for prod and one for dev. The dev tenant uses the Auth0 build-in email provider, which is for testing email only.

If the issue is on the dev tenant, could you please try configuring External SMTP Email Providers? This article explains the details. Please keep us updated on how it goes. Thanks!

Hi @lihua.zhang ,

I am experiencing the issue in both prod and dev. We have several user reports on prod experiencing the issue.

I found this topic with the same error, although it happened with both Chrome and Chrome incognito mode. Could you please check it and see if any hints you can get out of it?

Meantime, please DM me the HAR file of the failed transaction and I will get someone else in my team to check it further.

Thank you!

Thank you @lihua.zhang ,

I believe I had seen that earlier and I wasn’t able to get to a solution based on the information provided.

What’s a little different and strange about our configuration is that we’ve been using Auth0 with similar configuration for years and these issues just began to crop up.

I appreciate your help!

@lihua.zhang - DM’d you the HAR file.

@inabl ,

I checked the file. It did not capture the failed login attempt. Could you please give it another try and DM me the file? Thanks!

@lihua.zhang I believe it’s in there. I will send one more.

Thank you for providing logs.

By checking your tenant configuration further, I noticed that you are using the Auth0 Google Developer Key. This key has some limitations and is only for testing purpose.

Could you please follow the setup guide to create your own Google Developer Key? Please keep us updated on how it goes. Thanks!

1 Like

@lihua.zhang interesting. not sure how we made it this long (5 years!) before encountering this.

I don’t see that screen - can you provide a link or directions to get there? Screenshot shows what I see in my application settings.

@inabl ,

The Google connection is under Authentication → Social → click on google-oauth2.

1 Like

@lihua.zhang What do you recommend for a development environment?

for the development environment, please create your own Google Developer Key as well.

1 Like