Massive failed silent authentication logs with "Login required" error

Problem Statement

The Tenant Logs show a very large number of failed silent authentication (FSA) entries from GET /authorize.

Troubleshooting

Review, step by step, the code and error handling that follow the call to getTokenSilently() in JS, or the equivalent method in other SDKs.

Cause

The most probable cause is that the Silent Authentication flow is misconfigured or has a bug somewhere along the way. A common error with Silent Authentication is that the callback does not send the user to the Login page after a "login_required" error, so the flow repeats in an endless cycle of login failures.

Solution

Handle the login error in the response, as the documentation explains:

login_required: The user was not logged in at Auth0, so silent authentication is not possible. This error can occur based on the way the tenant-level Log In Session Management settings are configured; specifically, it can occur after the time period set in the Require log in after setting. See Configure Session Lifetime Settings for details.

consent_required: The user was logged in at Auth0, but needs to give consent to authorize the application.

interaction_required: The user was logged in at Auth0 and has authorized the application, but needs to be redirected elsewhere before authentication can be completed; for example, when using a redirect rule.
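
One way to handle these three errors after getTokenSilently() without producing a stream of failed /authorize calls, shown as an added example that is not part of the original article or Auth0's own code. It assumes the client exposes getTokenSilently() and loginWithRedirect() and that the thrown error carries the code in an error property; nextAction, getTokenOrLogin, the store object and the interactive_login_attempted key are hypothetical names.

```javascript
// Added example. Names other than getTokenSilently/loginWithRedirect are hypothetical.
// Error codes from /authorize that mean silent auth cannot succeed without user interaction.
const INTERACTIVE_ERRORS = new Set(['login_required', 'consent_required', 'interaction_required']);
const GUARD_KEY = 'interactive_login_attempted'; // hypothetical storage key

// Decide what to do with an error thrown by a silent-authentication call.
// alreadyRedirected is true when an interactive login was already started in this session.
function nextAction(err, alreadyRedirected) {
  const code = err && err.error;
  if (!INTERACTIVE_ERRORS.has(code)) return 'rethrow';      // network failure, bad config, etc.
  return alreadyRedirected ? 'stop' : 'interactive_login';  // never retry silently in a loop
}

// client: object with getTokenSilently() and loginWithRedirect().
// store: Storage-like object (sessionStorage in a browser) holding the loop guard.
async function getTokenOrLogin(client, store) {
  try {
    const token = await client.getTokenSilently();
    store.removeItem(GUARD_KEY); // success: reset the loop guard
    return { status: 'token', token };
  } catch (err) {
    const attempted = store.getItem(GUARD_KEY) === '1';
    const action = nextAction(err, attempted);
    if (action === 'rethrow') throw err;
    if (action === 'stop') {
      // Interactive login was already tried and silent auth still fails:
      // report the error instead of generating more failed /authorize requests.
      return { status: 'failed', error: err.error };
    }
    store.setItem(GUARD_KEY, '1');
    await client.loginWithRedirect(); // send the user to the Login page
    return { status: 'redirecting', error: err.error };
  }
}
```

In a browser, pass the SDK client and window.sessionStorage; a 'failed' result is the point to show an error to the user rather than call getTokenSilently() again.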