Problem statement
Experiencing a massive amount of logs of failed logins with “Login required” error message.
Cause
The most probable cause is that the Silent Authentication flow is misconfigured or there is some kind of a bug. A common error with Silent Authentication is that in the callback, the user is not prompted to the Login page after having a “login_required” error, hence it goes on and on in an endless login failure loop.
Solution
Handle the login error in the response as described in this documentation:
login_required |
The user was not logged into Auth0, so silent authentication is not possible. This error can occur based on the way the tenant-level Log In Session Management settings is configured; specifically, it can occur after the time period set in the Require log in after setting. See Configure Session Lifetime Settings for details. |
---|---|
consent_required |
The user was logged into Auth0, but needs to give consent to authorize the application. |
interaction_required |
The user was logged into Auth0 and has authorized the application, but needs to be redirected elsewhere before authentication can be completed: for example, when using a redirect rule. |