Following parameters are not allowed on the `/authorize` endpoint: [is_submitting]

I just recently started getting new warnings when trying to log into my application using the Lock Widget. I am not able to login (unsure if its related to the warnings.)

Following parameters are not allowed on the `/authorize` endpoint: [is_submitting]

and

react_devtools_backend.js:4012 There was an error fetching the SSO data. This is expected - and not a problem - if the tenant has Seamless SSO enabled. If the tenant doesn't have Seamless SSO enabled, this could simply mean that there was a problem with the network. But, if a "Origin" error has been logged before this warning, please add "https://app.ampd.io" to the "Allowed Web Origins" list in the Auth0 dashboard: https://manage.auth0.com/#/applications/xKMU0Kq9fgFYBQm9HQC8WwryDDM1ThBM/settings

As far as I can tell, I am the only user seeing these warnings or not able to log in. I’ve tried logging in with several different user credentials and I am getting the same warnings and behavior.

Whats stranger still is that I am able to login from my phone. I only see the error when I try to login with my computer. I have tried disabling all extensions, using an incognito session, using a different browser (Chrome and Safari), and disabling my vpn. I am accessing a hosted lock-widget so my phone and my computer are getting served the exact same code.

Here is some more about the actual request

1. Request URL:

https://metricstory.auth0.com/authorize?client_id=VerLiAnTy6BQv0fpJBXB0V1ZvvMLhRYn&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fdev.metricstory.sh%2Flogin&scope=openid%20email&audience=https%3A%2F%2Fmetricstory.auth0.com%2Fuserinfo&connection=google-oauth2&is_submitting=false&nonce=pUQ9_zNCYH1gJDKk1b4ROPfTuxS4X5Fi&state=fqdMvfEb3lErP4sL2LY.XTXpHqwzDt.T&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4zMy4wIiwiZW52Ijp7ImF1dGgwLmpzIjoiOS4xOS4wIn19

2. Request Method:

GET

3. Status Code:

302

4. Remote Address:

[2606:4700::6810:b8f8]:443

5. Referrer Policy:

strict-origin-when-cross-origin

and the response

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7935f264ebe63072-SEA
date: Thu, 02 Feb 2023 21:16:15 GMT
location: https://accounts.google.com/o/oauth2/auth?response_type=code&redirect_uri=https%3A%2F%2Fmetricstory.auth0.com%2Flogin%2Fcallback&scope=email%20profile&state=yGcmqsxHvqyjgf_7RICArgVMcSojHyXp&client_id=626422386083-ufta4hmj2cniccas05rtma2phmqemu4j.apps.googleusercontent.com
ot-baggage-auth0-request-id: 7935f264ebe63072
ot-tracer-sampled: true
ot-tracer-spanid: 222498e13110fc3d
ot-tracer-traceid: 5c3279330ee47b96
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000005c3279330ee47b96-222498e13110fc3d-01
tracestate: auth0-request-id=7935f264ebe63072,auth0=true
vary: Accept-Encoding
x-auth0-requestid: 44ecd32f5b9f5cb25971
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1675372576

Please let me know if I can provide any more info.

Using auth0-lock v11.23.1,

The issue was the clock on my computer somehow got set to be in the future 2 days.

1 Like

aaaah gotchya! Thanks for sharing that!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.