Failed Silent Auth - Login Required error for an unauthenticated user

Get Help
,
1

Hello,

I have a SPA set up with Auth0. Every time a user opens the app I get the “Failed Silent Auth - Login Required” error in the logs which creates a lot of noise. Authentication works fine, we also have a refresh token rotation set up which also works fine. I don’t understand why this error is being thrown for every user and I’m trying to resolve it in order to keep the logs clean but I haven’t found the solution yet.

Auth0 SDK is set up like this:

<Auth0Provider
  domain={process.env.AUTH0_DOMAIN}
  clientId={process.env.AUTH0_CLIENT_ID}
  authorizationParams={{
    redirect_uri: window.location.origin,
    audience: process.env.AUTH0_AUDIENCE,
  }}
  useRefreshTokens={true}
  cacheLocation='localstorage'
>

and then there is a hook that calls loginWithRedirect:

const { isLoading, isAuthenticated, user, loginWithRedirect, getAccessTokenSilently } = useAuth0()

  useEffect(() => {
    if (!isLoading && !isAuthenticated) {
      void loginWithRedirect()
    }
  }, [isLoading, isAuthenticated, loginWithRedirect])

On successful login, a token is fetched and the user is authenticated. However, the error is thrown before the user has authenticated, so it’s either isAuthenticated or loginWithRedirect but I don’t get why exactly. The package version is:

"@auth0/auth0-react": "2.1.1",

Any help would be appreciated,
Thanks!

3

Hi @yordan.grozdanov

Welcome to the Auth0 Community!

Could you please let me know when does the Failed Auth error appear exactly?
Does it appear when:

  • A user opens the app for the first time?
  • A previously authenticated user opens the app?
  • An authenticated/unauthenticated user opens the app at any time?

The error states that your application attempts to perform a silent authentication, usually this would be triggered by a checkSession() to see if the user is authenticated and if they are not, it throws in this error. Alternatively, it might also be triggered by the getAccessTokenSilently if the user’s session with Auth0 is no longer valid.

I would recommend to implement Refresh Token Rotation since it should take care of the issue at hand.

You can also inspect your application to see exactly where is this error being thrown from.

Let me know if you have any other questions regarding the matter, I will be looking forward to your reply.

Kind Regards,
Nik

4

Hi @nik.baleca, thanks for your reply!

The error happens when a user opens the app, as you can see in the code sample I provided we use the “isAuthenticated” function from the SDK to check if the user is authenticated to render the appropriate page or to redirect them to Universal Login via “loginWithRedirect”. We use refresh token rotation, it is already implemented and refreshing the token works as expected.

Is there a way to suppress this error for the “isAuthenticated” check in our use case as it creates a lot of noise in our logs?

5

Hi @yordan.grozdanov

Thank you for the additional info on the matter?

Could you please let me know what is the error that you are receiving in your logs or if you can share via DM the tenant name so I can take a look myself? Usually, the isAuthenticated() function should not throw any errors since it is only checking the session, not performing any authentication.

Kind Regards,

Nik

6

Hi @nik.baleca how can I DM you? I don’t see this option when I click on your profile…

7

Hi,

When you click my profile icon in the thread, you should have a button on the right which says “Message”.

8

I was able to resolve this, there was another getTokenSilently call that was throwing this error for unauthenticated users. Thanks for your help!

9

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.