Hi all,

We are currently successfully using the Lock v11 to control the authentication via social login and we wanted to add also the username-password option.

Our Lock is configured with redirect:false

We are not able to have the username+password login working, as everything collapse when a call to “authorize” is done by the lock: what we get is an eternal spinner and a 403 from the API.

This is what the call looks like, as we can see from the console:
https://meterian.auth0.com/authorize?client_id=xxx&response_type=token&redirect_uri=http%3A%2F%2Flocal.meterian.com%2Faccount.html&state=yyy&scope=openid%20profile%20email&realm=Username-Password-Authentication&login_ticket=zzzz&response_mode=web_message&prompt=none&auth0Client=kkkk%3D%3D

The social logins work perfectly.

Does anybody has any suggestion? This is the lock configuration:

var lock = new Auth0Lock(lock_id, 'meterian.auth0.com', {
    auth: {
        redirect: false
    },
    allowSignUp: true,
    container: 'login-container',
    rememberLastLogin: false,
    theme: {
        logo: '/images/logo.png',
        primaryColor: 'blue'
    }
});

Any help is highly appreciated!

Is anybody keeping an eye on this forum?

Well, for anybody interested, this was fixed inserting a fake url as a callback and enabling it as a callback in the web lock config, something like this:

var lock = new Auth0Lock(lock_id, 'meterian.auth0.com', {
    auth: {
        redirect: false,
        **responseType: 'token',**
        **redirectUrl: your_fake_url_here**
    },
    allowSignUp: true,
    container: 'login-container',
    rememberLastLogin: false,
    theme: {
        logo: '/images/logo.png',
        primaryColor: 'blue'
    }
});

Remember also the responseType: ‘token’ bit. See some details of a similar issue raised on Github here:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.