We are using PHP SDK 7.3 for doing a login. We have a pretty basic setup using the Universal Login and a callback.php that contains this code pretty much:
$auth0 = new Auth0([
'domain' => AUTH_DOMAIN,
'client_id' => AUTH_CLIENT_ID,
'client_secret' => AUTH_CLIENT_SECRET,
'redirect_uri' => AUTH_CALLBACK,
]);
try {
if ($user = $auth0->getUser()) {
// Do stuff with user
}
} catch (Exception $e) {
error_log($e->getMessage());
}
Everything works like 99% of the time. But now we have 1 user that cant login on his old iPhone 6 in Safari (dont know versions). I can see in the logs that the Exception is “Invalid state”. I’ve asked the user to clear cookies, restart browser etc etc. But the issue persists. He can login if he uses his computer. I understood that I could add the param: 'state_handler' => false
but that doesn’t feel like a safe workaround for 1 user having issues.
Anyone has any suggestions on how to solve this? There are +10.000 users that don’t have issues, but our customer support wants me to call him and guide him in the right way. What should I ask him to do, as I guess that it has to be something with his client…?