Hello,
I am following this blog on setting up my react app with a passwordless auth0 flow: Setup Passwordless Authentication with Auth0.
I am trying to get it working on http://localhost:3000 (base url) and have gotten as far as getting an OTP token and trying to authenticate the user (myself) with said token.
I keep running into the error: “Invalid request body. All and only of client_id, credential_type, username, otp, realm are required.”
Searching around, I see that it might be a CORS + 3rd party cookies issue but really cannot figure out what I have missed.
Here’s what I have done:
- Double checked my browser allows all 3rd party cookies (Brave:
Version 1.36.122 Chromium: 99.0.4844.88 (Official Build) (arm64)
) - Checked is listed under the following Application Settings:
- Allowed Callback URLs: /authorize
- Allowed Logout URLs: /logout
- Allowed Web Origins:
- Allowed Origins (CORS):
- Tried different browsers with 3rd party cookies disabled.
- I even tried using ‘caddy’ to create a local https proxy for my base url and listed the https proxy in Application Settings.
I’m wondering if there is something obvious I missed or if this just isn’t supported anymore and I’m following an old blog post.
I’m on react v17.0.2.