Index-f795226a.js:10 Uncaught Error: auth0-spa-js must run on a secure origin

rashid · January 11, 2024, 1:27pm

Hi All,

I’m getting below error on below screenshot

Index-f795226a.js:10 Uncaught Error: auth0-spa-js must run on a secure origin
Please ensure Auth0’s Vue plugin is correctly installed

Here is the URL of application
http://104.198.x.x:5173/

I have deploy VUE application and its running as docker container i expose through public ip with port number when i check in browser i got above error

can u help me out with that issue

here is npm version

sudo npm version
{
  npm: '10.3.0',
  node: '20.5.1',
  acorn: '8.10.0',
  ada: '2.5.1',
  ares: '1.19.1',
  base64: '0.5.0',
  brotli: '1.0.9',
  cjs_module_lexer: '1.2.2',
  cldr: '43.1',
  icu: '73.2',
  llhttp: '8.1.1',
  modules: '115',
  napi: '9',
  nghttp2: '1.55.1',
  nghttp3: '0.7.0',
  ngtcp2: '0.8.1',
  openssl: '3.0.10+quic',
  simdutf: '3.2.14',
  tz: '2023c',
  undici: '5.22.1',
  unicode: '15.0',
  uv: '1.46.0',
  uvwasi: '0.0.18',
  v8: '11.3.244.8-node.10',
  zlib: '1.2.13.1-motley'
}

dan.woda · January 18, 2024, 10:28pm

Hi @rashid,

Welcome to the Auth0 Community!

It looks like you aren’t running your app on a secure origin.

More info here:

github.com

auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin

# Frequently Asked Questions

Below are a number of questions or issues that have arisen from using the SDK.

## Why is the user logged out when they refresh the page in their SPA?

After logging in, if the page is refreshed and the user appears logged out, it usually means that the silent authentication step has failed to work.

This could be affected by a couple of things:

- When not using refresh tokens, the SDK relies on third-party cookie support to log in silently. If you're not using refresh tokens, you could be using a browser that blocks third-party cookies by default (Safari, Brave, etc)
- You're using the [classic login experience](https://auth0.com/docs/universal-login/classic-experience), and trying to log in using a social provider that uses Auth0's developer keys (see [Limitations of Developer Keys when using Classic Universal Login](https://auth0.com/docs/connections/social/devkeys#limitations-of-developer-keys-when-using-classic-universal-login))

Please try these to see if you can get unblocked:

- Try it in a browser like Chrome which does not block third-party cookies by default (yet)
- Use the New Login Experience, if possible
- Supply the social connection with your own client ID and secret in the Auth0 dashboard

### Using Multi-factor Authentication (MFA)

This file has been truncated. show original

rashid · January 19, 2024, 4:10am

Let me check and i will get back to you

dan.woda · January 19, 2024, 7:26pm

Sounds good! Let us know.

system · February 2, 2024, 7:27pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Hosting auth0-spa-js plugin -After hosting in apache Getting error (auth0-spa-js must run on a secure origin.) Help	2	3938	May 26, 2020
Issue with oauth not running on a secure origin Help	2	4133	June 8, 2020
Auth0-spa-js must run on a secure origin Help auth0	8	21190	March 17, 2021
http://SPA ... auth0-spa-js must run on a secure origin Help	3	6294	March 4, 2020
Allow access of auth0-react app using IP address instead of localhost Help auth0	2	2543	October 28, 2022

Index-f795226a.js:10 Uncaught Error: auth0-spa-js must run on a secure origin

Related topics