Has anyone been able to the get the quickstart for React SPAs to work? I downloaded directly and started it, following the instructions. It hangs during login. Developer tools shows me the following error:
auth0-spa-js.production.js:1774 Uncaught (in promise) Error: Expiration Time (exp) claim must be a number present in the ID token
at mr (auth0-spa-js.production.js:1774)
at e._verifyIdToken (auth0-spa-js.production.js:1830)
at e.<anonymous> (auth0-spa-js.production.js:1959)
at auth0-spa-js.production.js:141
at Object.next (auth0-spa-js.production.js:153)
at a (auth0-spa-js.production.js:42)
I did not modify the code in any way. http://localhost:3000 is authorized in all the right places for my app. I know it’s a new SDK. Does it work?
I downloaded and ran it again. The second time it kinda worked. Except that silent authentication fails, so reloading the page means that you get logged out.
Thanks a lot for reporting that! Can you open a GitHub issue in the quickstart repo providing the logs you attached here and describing the problem and then pasting the link to the issue here so I can ping the quickstart maintainers to help us troubleshoot that? Thank you!
As above, these kind of issues which is with our SDKs and quickstarts that have corresponding repos, the best way to tackle them is to create a topic here pasting the link to the GitHub issue you have opened providing as much details as possible so we can ping repo maintainers and help you go through your hurdle.
I have posted a Github issue on the quickstart. However, I have this same problem with both of the tutorials from the blog I tried as well. So I think it may be a more general issue than the quickstart. I’m not sure where the SDK repo is, or whether it makes sense to post issues there as well.
@konrad.sopala is there any way to know if the github issue is being looked at? There hasn’t been a reply so far. Also, elsewhere in the community, see:
This seems to be a pretty general problem. This appears to be a systemic issue. Not to ask a stupid question, but you are sure that silent authentication with SPAs can be made to work, right? Because three different sets of code provided by Auth0 fail, as do my own attempts.