Index-f795226a.js:10 Uncaught Error: auth0-spa-js must run on a secure origin

rashid · January 11, 2024, 1:27pm

Hi All,

I’m getting below error on below screenshot

Index-f795226a.js:10 Uncaught Error: auth0-spa-js must run on a secure origin
Please ensure Auth0’s Vue plugin is correctly installed

Here is the URL of application
http://104.198.x.x:5173/

I have deploy VUE application and its running as docker container i expose through public ip with port number when i check in browser i got above error

can u help me out with that issue

here is npm version

sudo npm version
{
  npm: '10.3.0',
  node: '20.5.1',
  acorn: '8.10.0',
  ada: '2.5.1',
  ares: '1.19.1',
  base64: '0.5.0',
  brotli: '1.0.9',
  cjs_module_lexer: '1.2.2',
  cldr: '43.1',
  icu: '73.2',
  llhttp: '8.1.1',
  modules: '115',
  napi: '9',
  nghttp2: '1.55.1',
  nghttp3: '0.7.0',
  ngtcp2: '0.8.1',
  openssl: '3.0.10+quic',
  simdutf: '3.2.14',
  tz: '2023c',
  undici: '5.22.1',
  unicode: '15.0',
  uv: '1.46.0',
  uvwasi: '0.0.18',
  v8: '11.3.244.8-node.10',
  zlib: '1.2.13.1-motley'
}

dan.woda · January 18, 2024, 10:28pm

Hi @rashid,

Welcome to the Auth0 Community!

It looks like you aren’t running your app on a secure origin.

More info here:

github.com

auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin

# Frequently Asked Questions

Below are a number of questions or issues that have arisen from using the SDK.

## Why is the user logged out when they refresh the page in their SPA?

After logging in, if the page is refreshed and the user appears logged out, it usually means that the silent authentication step has failed to work.

This could be affected by a couple of things:

- When not using refresh tokens, the SDK relies on third-party cookie support to log in silently. If you're not using refresh tokens, you could be using a browser that blocks third-party cookies by default (Safari, Brave, etc)
- You're using the [classic login experience](https://auth0.com/docs/universal-login/classic-experience), and trying to log in using a social provider that uses Auth0's developer keys (see [Limitations of Developer Keys when using Classic Universal Login](https://auth0.com/docs/connections/social/devkeys#limitations-of-developer-keys-when-using-classic-universal-login))

Please try these to see if you can get unblocked:

- Try it in a browser like Chrome which does not block third-party cookies by default (yet)
- Use the New Login Experience, if possible
- Supply the social connection with your own client ID and secret in the Auth0 dashboard

### Using Multi-factor Authentication (MFA)

This file has been truncated. show original

rashid · January 19, 2024, 4:10am

Let me check and i will get back to you

dan.woda · January 19, 2024, 7:26pm

Sounds good! Let us know.

system · February 2, 2024, 7:27pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.