Overview
This article explains an issue that occurs when using the React Native Auth0 SDK. The getCredentials() method returns undefined, even when the user object returned from useAuth0() is defined and non-null, causing authenticated API calls to fail.
Applies To
Cause
This issue can be caused by the following factors:
- Missing Device-Level Security Features: The
getCredentials()method requires device-level security, for example, a screen lock or biometrics, to be enabled. If these features are not configured, the method may silently returnundefined. - Keychain Modification or Overwrite: If the device’s keychain is modified without proper namespacing, it may overwrite Auth0 credentials. For example, the following could interfere with stored Auth0 tokens:
await Keychain.setGenericPassword('passcode', passcode);
Solution
- Upgrade to SDK Version 5 or a later version. Version 5 of the React Native Auth0 SDK includes improved error handling for methods like
getCredentials(), which now throw errors instead of returningundefined. This change is detailed in the SDK v5 Migration Guide. - Enable device-level security. A secure screen lock, biometrics, or other device-level protections required by the native credential storage must be enabled.
- Use default service namespace settings. When using
react-native-keychainor similar libraries, use default settings to prevent accidental overwrites:
await Keychain.setGenericPassword('passcode', passcode, {
service: 'your.service.name',
});