Passwordless Magic Link issue with React SPA sample app


I’ve been trying to use the Passwordless Authentication API to generate a magic link that a user can click on to Login into a React SPA.

When I generate the email and follow the magic link then the browser presents me the following error:

error: "invalid_token"
errorDescription: "`state` does not match."

I have checked the logs in auth0 admin and I can see that the user was successfully logged in.

I have also attempted to use the Try action in the Auth0 admin Passwordless Connection and I ended up having exactly the same error.

Though, when I configured the universal login to use Passwordless template I was able to successfully login in the SPA following the link.

Is there anything missing from the links that are generated both from the Authentication API or the admin Try action? Is there a different authentication handling in the React SPA that I’m supposed to use for Passwordless?

1 Like

Hey there!

Sorry for such a delayed response! We’re doing our best in providing you with the best developer support experience out there but sometimes our bandwidth is just not enough for all the questions coming in. Sorry for the inconvenience!

Can you let us know if you still require further assistance from us?