Auth0 Home Blog Docs

Last Remembered login - invalid token



I’ve got a small issue with the last login feature of the lock widget. When a user has successfully logs in and the proceeds to log out, but then tries to login again, the last login feature is invoked, great! However, when i do click on the user that was just logged out and error is raised in the browsers console

Error Message:

{error: "invalid_token", errorDescription: "`state` does not match."}

Strangely enough, the official Auth0 site Lock Widget behaves differently, in that once logged out, the last remembered login is used, but forces the user to login again - makes sense.

I’m not sure how to start debugging this, but any help is most appreciated!


You should update the question with additional information to help reproduce this, in particular:

  • confirm that you’re using Lock embedded in the client application itself;
  • Lock version being used and how it is configured;
  • what does the logout action in your client application perform? Does it only clear the local session, does it call any endpoint in Auth0?