Invalid state when using auth0-react and Passwordless magic links

rodrigo3 · April 15, 2021, 12:19am

Please include the following information in your post:

Which SDK this is regarding:
auth0-react
SDK Version:
@auth0/auth0-react 1.4.0
Platform Version:
React 17.0.1
Code Snippets/Error Messages/Supporting Details/Screenshots:
Fire a loginWithRedirect using the useAuth0 hook
Fill in your email
Click the link in your email and see the redirect back to your application
Witness the Oops... Invalid state in the bare sample

Is this a feature request or bug report?
Bug. Issue created on GitHub Passwordless with email results in `invalid state` intermittently · Issue #229 · auth0/auth0-react · GitHub

stephanie.chamblee · April 15, 2021, 12:20pm

Hi @rodrigo3 ,

I see there is a response on the issue:

by default we store the login transaction state in sessionStorage , but this doesn’t work for passwordless, since you don’t complete the OAuth flow on the same tab you started it.
For Passwordless, you should use cookies to store the transaction state, you can enable this with the useCookiesForTransactions option. eg
<Auth0Provider useCookiesForTransactions={true} ... >
The auth0-react docs haven’t caught up with the spa-js docs, will make sure they do on the next release.

Let us know if you have additional questions!

rodrigo3 · April 15, 2021, 4:29pm

Hi Stephanie, yes that worked for us. Thanks.

system · April 30, 2021, 4:30pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.