I tried looking, to the best of my ability, in this community if anyone else is experiencing this issue, but I couldn’t find anything so here I am with this problem.
LIke the title suggests, when I login and then when I refresh, my browser loses the login credentials and then asks me to login again.
I’m following the tutorial in the quick start section for react very closely and it says to whitelist urls using the “allowed web origins” input so that it can automatically refresh the authentication tokens. I think I’m doing just that:
But I’m not getting the proper response. Cany anyone point me to the right direction?
I tried the quick start React tutorial (same as on github here), and the browser refresh works just fine, I remain logged in (the SPA SDK, in particular the auth0Client should handle this silent authentication automatically).
Are you running it on http://localhost:3000 (if not, can you try to run it on localhost)? Do you see any Javascript errors in the browser developer console or any network errors in the developer console / network tab?
Note that the silent authentication only works on secure connections, so either localhost and/or https, but from what I see, that should be the case for you already, so that shouldn’t be the issue.
I am running on http://localhost:3000, the only errors I see is the SSO one. And I deployed it to netlify just to make sure it works in a deployed state, but it still doesn’t.
and just to make sure I covered all bases I also added localhost:3000
I just tested your example, and indeed, automatic login doesn’t happen. Comparing the requests with my local instance, I see that the POST https://dev-yourtenant.auth0.com/oauth/token (silent authentication) isn’t made as it’s the case in my instance.
Don’t know about the reason for this adhoc, as I’m not too familiar with the new auth0-spa-js in detail myself yet, but that’s my finding so far.
Am I missing something in my settings that would maybe be the cause of that? The only difference between your local instance to my local instance and netlify deployment is whatever settings i have in my tenant. Am I doing something wrong here; do I have anything that might be missing that I need to add?
Thanks a lot @mathiasconradt! I can however say one thing, there was one instance that it did keep me logged in when I refreshed the page. After that, I then tried to do it again on a different time, it went back to this current behavior.
I tested my localhost application against your Auth0 tenant and clientID (put your values in my auth_config.json). And in fact, I then also get that problem. So it really seems to be related to the tenant.
Then, I went ahead and tested it with a different tenant of mine (a free tenant in the US region, instead of my default Enterprise one in EU), and I get that same behaviour like with yours there as well.
So, it seems to be something with the different tenants, no idea why though yet. Will try to do some more digging tomorrow.
Instead of logging with the Google / Log in with Google, can you try with a database user instead (username + password) - does it work now?
I assume you’re currently using the default Auth0 dev keys for the Google social connection. Can you try to replace it with proper Google API credentials.
