Hi
We have an issue where, if you leave our web app open for a few hours, it seems to randomly break the login page. For example
- visit the app and get redirected to the sign in page
- attempt to sign in, works fine, redirects the user to the app
- leave the web app open for a long period of time
- eventually, the token can’t be refreshed so it redirects the user to the login page
- when you try logging in, you get this error
“Password login via OIDC-conformant clients with externally-hosted login pages is unsupported. Alternatively, login could have been initiated from the wrong place (e.g., a bookmark).”
But if you reload sign in page, the login works fine. Just the first attempt fails.
I have a HAR file, but i do not wish to share it publicly. Is there someone who can assist with this to inspect whats going wrong?
I’ve tried
- ensuring that the tenant level redirect uri is set and valid
- ensuring that the application’s redirect uri is set and valid
- getAccessTokenSilently({ redirect_uri: ‘…’ }) is set and matches the redirect uri
I can’t reproduce the issue exactly every time, but our auth0 logs are full of this error. I’ve tried scouring the forums with no luck. Any suggestions?