Password login via OIDC-conformant problem

We faced this issue sometimes. Not every time we login.
We didn’t change anything in our product

Password login via OIDC-conformant clients with externally-hosted login pages is unsupported. Alternatively, login could have been initiated from the wrong place (e.g., a bookmark)

is there anything wrong here?
or just auth0 bug?

We are seeing this error too, specifically for one user. Most other users can log in just fine. In my case the user in question is using a native app (same as all the other users), which uses the Auth0 Cordova module for login against the hosted login page.

Is there anything on a particular user’s device that would cause this error?

1 Like

The error you mentioned typically occurs when the state parameter is missing and you are using an OIDC-conformant client. Usually this problem occurs when users bookmark the /login URL that /authorize redirects to and attempt to log in directly.

The endpoint that the client application should redirect to is /authorize which is the entry point for redirect-based flows (Authentication API Explorer).

Hi @jerdog - in our case we’re using the Auth0 cordova package, which has its own authorize() method on it. That will do the redirecting to the endpoint it needs. So bookmarking shouldn’t be in play here.

Again, other users are able to log in with the same mobile app. Seems like some other factors can trigger this error on the Auth0 side…

One other note. In the Auth0 logs this user who is triggering this error does get a successful login event. So they get a successful login, but then this error in the logs. In their UI they end up seeing the Oops!, Something went wrong Auth0 page.

1 Like

Is there a way to redirect user to our login page that can redirect back to Auth0 /authorize with correct params? I found Configure Default Login Routes but still keep getting this error.

Hey guys,did you find any solution for this??
I am getting same error in xamarin.Android

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?