Multiple Errors On Chrome Broswer


Some of the users are getting some weird errors in chrome, its not happening to me when i am trying to login/register locally in chrome browser.

These are the log traces

"error": {
  "message": "Unknown or invalid login ticket.",
  "oauthError": "access_denied",
  "type": "oauth-authorization"
"error": {
  "message": "Unable to construct sso user.",
  "oauthError": "server_error",
  "type": "oauth-authorization"

I have disabled all the rules and webhooks, still few users are getting this error on chrome works fine on safari though ?

looks like cross origin authentication issue , i have already provided the Fallback for this in the code according to
I am using custom embedded login page with auth0-js: 9.02

Occurred	an hour ago at  2018-02-22 02:14:42.790 UTC
Type	Failed cross origin authentication
Description	Unknown or invalid login ticket.

Can you try updating to the latest Auth0.js v9.2.3 just to be sure it is not a bug already fixed in this version?

You an also check if you have added all Allowed Callback URLs, Allowed Web Origins and Allowed Origins (CORS) in the client settings. You can read more about these here:

Finally, the “Unable to construct sso user.” error can also happen if you’re trying to do silent authentication for a user that has been deleted from your database in Auth0. Is it possible that some logged in users where deleted?

Thanks for reply,

I have tried all the above steps, still the problem persists.
I was wondering if custom domain

is the answer but i am skeptical looking at the Beta tag on it.

Also, according to the document you linked, cross origin authentication unfortunately isn’t supported for some browsers, listed in the browser support matrix. This table shows the current state of the cross origin authentication for browsers when 3rd party cookies are not enabled. E.g., if the 3rd party cookie is not enabled for Chrome in MacOS, CO login flow is not supported.

Rephrasing our recommendation from the same link, in order to avoid situations in which your users would be unable to authenticate, you may wish to ask your users to leave third party cookies enabled or to switch browsers. You could also simply inform users of the non-support of those browsers when third party cookies are disabled.

This limitation is another reason why the more practical solution, where possible, is to use the Hosted Login Page and circumvent this issue entirely.

@ricardo.batista Getting the same error here starting from yesterday:
Unknown or invalid login ticket

Getting the same after upgrade to:
“auth0-js”: “^9.3.0”,
“auth0-lock”: “^11.1.0”

Domains are listed in CORS, Callback and Web Origins - seems to be an issue on Auth0 side?
This has been working the last weeks with errors popping up just yesterday.

Any response from Auth0 on this? I know they don’t offer support to their free customers, but is there a way to raise the fact the product is currently broken?

Are third-party cookies disabled on your browser? You can check this matrix for supported browsers.

If not, the best solution would be to move to the hosted login page, as stated here:

+1 @ricardo.batista - My team started seeing this error yesterday morning, after migrating from lock to auth0-js 9.2.0 a few weeks ago. Hitting the logout url for the tenant seemed to fix this temporarily for all parties getting the error. I’ve not been able to reproduce on my machine, but various new user signups continue to exhibit this behavior. It’s not a third party cookies disabled issue, as it’s intermittent, and no one is sitting around toggling this feature. As for ‘moving to the hosted login page’, would love to hear a different solution from auth0 re: the inexplicable intermittency


We are seeing the same intermittent error with Chrome. Using lock v9.2.3.

“error”: {
“message”: “Unknown or invalid login ticket.”,
“oauthError”: “access_denied”,
“type”: “oauth-authorization”

Any ideas?

1 Like

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?