Hi all! We are getting the following error on occasion. Several users have reported it, but it doesn’t happen every time. When the error does show up, it’s after the user has been redirected to the login screen of our system after a session timeout. Our session timeout is set to go after 15 minutes of inactivity.
Please see the message below:
invalid_request: You may have pressed the back button, refreshed during login, opened too many login dialogs, or there is some issue with cookies, since we couldn’t find your session. Try logging in again from the application and if the problem persists please contact the administrator.
Hey Harsh, thanks for your reply! We are redirecting to our login page when there is a session timeout.
In order to reproduce the error what we have done is leave an open session, the session times out, and the user is redirected to the login page, if the user doesn’t sign in again within a long period (2 hours or more), sometimes (not always) the login won’t work displaying this error.
I have also left the session open overnight, I always find the login page when I come back (which is expected) but sometimes when I log in I get the error screen, other times I don’t.
If the user signs in shortly after they have been kicked out, there is no issue.
I think @Harsh2 was on the right track. You would have to go to your application setting inside your tenant and set the default login path (i dont think localhost qualifies as a valid login path). This will be the default login url for your application. In cases of timeout auth0 will try to redirect the client to that url instead of presenting you the invalid request error. I hope this helps.
I want to emphasize that the user is always redirected to the corresponding login page after the session time-out. The error shows when the user tries to sign in after leaving the login page open. The error shows up when they place their credentials and click on the login button. Is there something that expires on the login page?