We want our application to provide both password and social login with organization support.
We implement it with the following flow:
-
loginWithRedirectwithout organization info. - After figuring out which org the user needs to login into or whenever user switches organization, use
getAccessTokenSilentlywith ignore cache to refresh the access token with org info.
The flow works fine with password login and we are able to obtain an access token with silent auth. However, in the case of google social login, the flow fails at the silent auth. The error reported in the log is Failed Silent Auth - Login required.
I tried this with a few browser:
- Chrome: password flow works but google social flow doesn’t work.
- Safari: password flow works but google social flow doesn’t work.
I read through this question. The symptom is very similar and the problem seems related to cookies. But we are already using paid subscriptions and the custom domain.
I also read through this question. But the problem seems different as my password flow actually works fine.
We are also not able to use the refresh token flow in Auth0Provider as it doesn’t work with organization auth, similar to this question.
Here is our setup:
SDK:
- @auth0/auth0-react: ^1.9.0
Auth0 Provider:
<Auth0Provider
audience={config.AUTH0_AUDIENCE}
domain={config.AUTH0_DOMAIN}
clientId={config.AUTH0_CLIENT_ID}
redirectUri={window.location.origin}
>
{children}
</Auth0Provider>
First login without organization:
loginWithRedirect({ audience: config.AUTH0_AUDIENCE });
Refresh an access token with organization info via silent auth:
const token = await getAccessTokenSilently({
ignoreCache: true,
audience: config.AUTH0_AUDIENCE,
organization: orgId,
});
How to make silent auth work with social login and organization? Can anyone help point me in the right direction? Thank you!
Update:
- I’m using my own google developer credentials in testing this, rather than auth0’s shared development keys.
