Id_token not present in TokenSet when logging in with passwordless embedded login email magic link


I am doing a passwordless login with email magic link. The user successfully receives the email, but when the link is clicked, the following error is shown: id_token not present in TokenSet. In the Auth0 Dashboard the monitoring logs show a “Successful Login”. In my node.js/express.js application, this is the authorization part of my request: authorization: {params:{ scope: “openid email profile” }}. How can I fix this issue?

Thanks in advance!

Hi @richardb

Welcome back to the Auth0 Community,

If you need to get the Id_token, you need to add that in the responseType in the authorization part of your request.

authorization: {
    params: {
        response_type: 'id_token' // and `token` if you need access token



I am still confused as to why I need the id_token, but I’ve added response_type: ‘id_token token’ to the authorization params of the config to send the email to the user and still get the same issue. This is the callback I get when I click on the link I don’t understand why it doesn’t work. I have a universal login in parallel on the same app which works, so I don’t understand why the embedded passwordless doesn’t work.

Sorry for the confusion, can you share with me the code snippets, and technology that you are using?

I am using node.js and express.js. Here is the request to send an email with the magic link:
emailConfig={ method: 'get', maxBodyLength: Infinity, url:https://${process.env.DOMAIN}/passwordless/start`,
headers: {
‘content-type’: ‘application/json’
httpAgent: httpagent,
httpsAgent: httpagent,
proxy: false,
“connection”: “email”,
//“authParams”:{“scope”:“openid profile”}
authorization: {params:{ scope: “openid email profile”, response_type: ‘id_token token’ }}

        axios.request(emailConfig).then(function (response) {
          }).catch(function (error) {


Hi @richardb

I need a little bit more time to check for more details, but I first noticed that you should be using the POST rather than the GET method.