Massive Failed Silent Authentication (FSA) Logs with "Login required" Error

Problem statement

Experiencing a massive amount of logs of failed logins with “Login required” error message.

Cause

The most probable cause is that the Silent Authentication flow is misconfigured or there is some kind of a bug. A common error with Silent Authentication is that in the callback, the user is not prompted to the Login page after having a “login_required” error, hence it goes on and on in an endless login failure loop.

Solution

Handle the login error in the response as described in this documentation:

login_required The user was not logged into Auth0, so silent authentication is not possible. This error can occur based on the way the tenant-level Log In Session Management settings is configured; specifically, it can occur after the time period set in the Require log in after setting. See Configure Session Lifetime Settings for details.
consent_required The user was logged into Auth0, but needs to give consent to authorize the application.
interaction_required The user was logged into Auth0 and has authorized the application, but needs to be redirected elsewhere before authentication can be completed: for example, when using a redirect rule.