Invalid state when using auth0-react and Passwordless magic links

Please include the following information in your post:

  • Which SDK this is regarding:
    auth0-react

  • SDK Version:
    @auth0/auth0-react 1.4.0

  • Platform Version:
    React 17.0.1

  • Code Snippets/Error Messages/Supporting Details/Screenshots:

  • Fire a loginWithRedirect using the useAuth0 hook

  • Fill in your email

  • Click the link in your email and see the redirect back to your application

  • Witness the Oops... Invalid state in the bare sample

Is this a feature request or bug report?
Bug. Issue created on GitHub Passwordless with email results in `invalid state` intermittently · Issue #229 · auth0/auth0-react · GitHub

Hi @rodrigo3 ,

I see there is a response on the issue:

by default we store the login transaction state in sessionStorage , but this doesn’t work for passwordless, since you don’t complete the OAuth flow on the same tab you started it.
For Passwordless, you should use cookies to store the transaction state, you can enable this with the useCookiesForTransactions option. eg
<Auth0Provider useCookiesForTransactions={true} ... >
The auth0-react docs haven’t caught up with the spa-js docs, will make sure they do on the next release.

Let us know if you have additional questions!

2 Likes

Hi Stephanie, yes that worked for us. Thanks.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.