Hi,
I have a React SPA and added in Auth0 using the sample app provided. I keep getting this error, maybe 90% of attempted logins.
access_denied : Password login via OIDC-conformant clients with externally-hosted login pages is unsupported. Alternatively, login could have been initiated from the wrong place (e.g., a bookmark).
I’m not using externally hosted pages; I’m using the Auth0 provided dialog.
What does this error mean? Why am I getting it? Are the sample apps out of date?
Thanks,
Jeff
Hi @jeffeld!
Welcome to the Auth0 Community!
Take a look at this response to a similar problem.
Let me know if this helps,
Dan
Hi Dan,
Thanks for taking the time to reply; much appreciated.
I did have a look at some of the other issues where this error was being generated, but as I’m using the auth0-js npm module I’m not calling any endpoints directly.
I have figured out a rock solid repro case. The React sample app Auth0 supplies calls the login/logout methods in response to to a button click (and this works ok). My app calls the login/logout methods like this:
class SignInUi extends React.Component{
render () {
return null;
}
componentDidMount(): void {
// Show the sign-in dialog
auth.signIn();
auth.renewSession();
}
}
I did this so that login/logout can be called directly from the browser as a route. And this is the problem.
I feel that my use case is valid and the problem lay within the SDK.
I’d be interested to know your thoughts.
Many thanks,
Jeff
EDIT: For the moment, I’m doing the same as the sample app but I’d like to be able to implement login/logout via routes and not click handlers.