Our application has been running fine for almost 2 years and all of a sudden Google Auth stopped working. Our website is a WordPress site with the Auth0 plugin. We have not made any changes to the Auth0 tenant, the plugin integration on WordPress, or the Google connection.
Now when I try to log in, I get this WordPress error “There was a problem with your login: Invalid state [error code: unknown]”
In the Auth0 logs, I can see that I received a “Success Login” message. However, in my logs, I noticed that there are a plethora of “Failed Login” messages even though nobody is trying to log in to the website. Is it possible that something is trying to brute force login to the site and Auth0 is not allowing me to log in anymore?
All of the failed logins are coming from a Firefox user_agent and IP that’s unknown to us.
“description”: “Unknown client: oncudk2vq36a6fcmccsot7spgznjgbh6”,
“user_agent”: “Firefox 109.0.0 / Windows 10.0.0”,
Your help is appreciated.