Massive Failed Silent Authentication (FSA) Logs with "Login required" Error

Problem statement

Experiencing a massive amount of logs of failed logins with “Login required” error message.


The most probable cause is that the Silent Authentication flow is misconfigured or there is some kind of a bug. A common error with Silent Authentication is that in the callback, the user is not prompted to the Login page after having a “login_required” error, hence it goes on and on in an endless login failure loop.


Handle the login error in the response as described in this documentation:

login_required The user was not logged into Auth0, so silent authentication is not possible. This error can occur based on the way the tenant-level Log In Session Management settings is configured; specifically, it can occur after the time period set in the Require log in after setting. See Configure Session Lifetime Settings for details.
consent_required The user was logged into Auth0, but needs to give consent to authorize the application.
interaction_required The user was logged into Auth0 and has authorized the application, but needs to be redirected elsewhere before authentication can be completed: for example, when using a redirect rule.