Could you please share a HAR file (please remove any sensitive details such as passwords) so we can have a closer look at the requests?
Please upload it to a cloud storage service (e.g. Google drive), and share the link with us. Feel free to restrict access to the link for only @auth0.com email addresses using Sharelock.io.
We are seeing the exact same error. It started to happen when choosing “continue as user” when using passwordless with SMS after having previously logged in. Today it also happens after choosing “use a different account” after the confirmation code is entered.
We’ve identified the problem and it seems an edge case with passwordless has arisen as a result of a few recent changes that were necessary to enable new features.
We’ve applied a workaround to your (Carlos and pparsons1) tenants in the meantime while we work on fixing this. Max, could you please share your tenant name privately via Sharelock so we can fix yours too?
Richard, could you please explain further what this ‘edge case’ is? As a users, we’d like to be as standard and mainstream as possible so we don’t encounter with these surprises.
We’re still investigating the cause but it’s likely related to some changes we made to our internal state handling. It should be fixed for everyone now. Please let us know otherwise.
We are getting the same issue, but it is specific to passwordless SMS when you click the “Last time you logged in with” link. Instead of logging in, we get a 404 with the text
Cannot GET /wsfed
.
Here is the sanitized url that is failing for us: https://login.au.auth0.com/lo/wsfed?disable_signup=false&name=sms&twilio_sid=<twilio_sid>&twilio_token=<twilio_token>&from=syntax=md_with_macros&template=Your%20verification%20code%20is%3A%20%40%40password%40%40&totp=&messaging_service_sid=&brute_force_protection=true&store=&strategy_instance=sms&wctx=&wtrealm=urn%3Aauth0%3A%3Asms&wa=wsignin1.0
Hi, it looks like the “last time you logged in with” link is now just disabled, is that right? Is that while you are fixing it or is something else stopping that from being displayed ( I have set rememberLastLogin: true)?
Thanks for getting back to me. Sorry for the delay in my response.
Yes, we are still having an issue. The “Last time you logged in with” link still doesn’t show when using Auth0LockPasswordless and an sms connection. We have a separate login flow which does display the “Last time you logged in with” link, but it uses the Auth0Lock widget and social login types.
Perhaps you could review my widget configuration here to see if something is wrong there (This is within a hosted login page and uses lock 11.4.0):