My third party applications says no_connection error even though I've updated one connection to domain_level

joe_re · October 29, 2019, 9:22am

Now I’m trying to integrate third party application to our users.(We are already using auth0 as first-party application.)

I think I have followed all introduction to integrate third-party application but my generated third party still has error “At least one email, sms or social connection needs to be available.”.

I’ve updated sms connection to domain-level and it seems succeed.
I can see id_domain_connection: true parameter when I fetch this connection via management api.

$ curl https://xxxxx.auth0.com/api/v2/connections
  --header 'authorization: Bearer xxxx' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json'

[
  //....
  {
    "id": "con_xxxxxx",
    "options": {
      "disable_signup": false,
      "name": "sms",
      "twilio_sid": "xxxxx",
      "twilio_token": "xxxxx",
      "messaging_service_sid": "xxxxx",
      "syntax": "liquid",
      "template": "// template here ...",
      "totp": {
        "time_step": 600,
        "length": 6
      },
      "from": null,
      "brute_force_protection": true
    },
    "strategy": "sms",
    "name": "sms",
    "is_domain_connection": true,
    "realms": [
      "sms"
    ],
    "enabled_clients": [
      "xxxxx"
    ]
  }
]

Application that I’m trying to login should be third-party and I’ve confirmed it as "is_first_party": false by management api also.

$ curl https://xxxxx.auth0.com/api/v2/clients
  --header 'authorization: Bearer xxxx' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json'
[
  //...
  {
    "tenant": "xxx-test",
    "global": false,
    "is_token_endpoint_ip_header_trusted": false,
    "name": "My Dynamic Application2",
    "callbacks": [
      "http://localhost:3000",
      "http://localhost:3000/callback"
    ],
    "oidc_conformant": true,
    "is_first_party": false,
    "sso_disabled": false,
    "cross_origin_auth": false,
    "allowed_clients": [],
    "native_social_login": {
      "apple": {
        "enabled": false
      }
    },
    "signing_keys": [
      {
        "cert": "xxx",
        "subject": "xxx"
      }
    ],
    "client_id": "xxxxx",
    "callback_url_template": false,
    "client_secret": "xxxxx",
    "jwt_configuration": {
      "lifetime_in_seconds": 36000,
      "secret_encoded": false
    },
    "client_aliases": [],
    "token_endpoint_auth_method": "none",
    "grant_types": [
      "authorization_code",
      "implicit",
      "refresh_token",
      "client_credentials"
    ],
    "custom_login_page_on": true
  }
]

I’m using universal-login and lock and already turned on __useTenantInfo.
Lock code lines are here.

      var lock = new Auth0LockPasswordless(config.clientID, config.auth0Domain, {
        auth: {
          redirectUrl: config.callbackURL,
          responseType: (config.internalOptions || {}).response_type ||
            (config.callbackOnLocationHash ? 'token' : 'code'),
          params: config.internalOptions
        },
        assetsUrl:  config.assetsUrl,
        allowedConnections: connection ? [connection] : null,
        rememberLastLogin: !prompt,
        language: language,
        languageDictionary: languageDictionary,
        theme: {
          logo:              'https://xxxxxx/logo.jpg',
          primaryColor:      '#e96322'
        },
        languageDictionary: {
          title: "xxxxx",
          passwordlessSMSInstructions: 'xxxxx'
        },
        closable: false,
        __useTenantInfo: config.isThirdPartyClient
      });
      lock.show();

For now I can’t find any further idea to do to resolve this connection error…
Any help would be greatly appreciated!
Thank you.

Adding:
I have changed authentication way to password as attemption and it seems success on that case.
Maybe isn’t third-party application supported for passwordless authentication…?

lily.wisecarver · January 27, 2020, 11:18pm

Hi @joe_re,

Welcome and thank you for posting in Auth0 Community!

I apologize for the huge delay in the response.

First, can you please check that you are using the right version of lock?

Can you please try adding the connection to this line?
allowedConnections: connection ? [“YOUR_CONNECTION”] : null,

Please keep in mind that technically it’s possible to get that error even if the application has connections enabled. For example, in the following scenario:

application only has connection CON_A enabled in the dashboard.
application makes use of universal login (hosted login page) configured to use Auth0 Lock as the login user interface.

In the following scenario, if at the hosted login page Lock configuration you set the option allowedConnections to ["CON_B"] then the message in question will be triggered when the application tries to initiate login through universal login because application only has CON_A enabled and Lock is configured to ignore that particular connection which means no usable connections are enabled.

Please let me know if this makes sense and thank you for your patience!

joe_re · February 4, 2020, 7:54am

Hi, for now I’ve given up to use third party login though, I’ve remembered already tried your suggestion like changing allowedConnection line to below.

allowedConnections: connection ? [“sms”] : null,**

joe_re · February 4, 2020, 7:59am

lock version is here.

  <script src="https://cdn.auth0.com/js/auth0/9.10.0/auth0.min.js"></script>
  <script src="https://cdn.auth0.com/js/lock/11.14.0/lock.min.js"></script>

lily.wisecarver · February 4, 2020, 5:01pm

We have a new version of lock:

<!-- Latest patch release (recommended for production) -->
<script src="https://cdn.auth0.com/js/lock/11.21.1/lock.min.js"></script>