Silent Auth errors with Login Required after updating app_metadata via Management API

marcus.baker · July 23, 2021, 6:41pm

Hi,

Is your backend updating the email or email_verified attributes when it patches the user?
Patching Email or Email_verified via the management API will invalidate the Auth0 session.

Example:

This post body will invalidate the session:

{
  "email_verified": true,
  "app_metadata": {
          "TestData": "TestValue"
        }
}

This one works without invalidating the session:

{
  "app_metadata": {
          "TestData": "TestValue"
        }
}

Topic		Replies	Views
Auth Error after updating app_metadata via Management API and injecting metadata to IdToken Help auth0	6	2663	January 11, 2022
My SPA application getAccessTokenSilently calls brings me to login page Help api , login , get-token-silently	3	1628	November 8, 2022
Getting 'Login Required' when attempting silent auth after successful authentication with magic link Help sessions , authentication-sessions	0	1347	November 22, 2022
Yet another "Failed Silent Auth" problem Help management-api , users	0	483	November 16, 2023
Silent Authentication Help silent-authenticatio	0	3729	June 10, 2019

Silent Auth errors with Login Required after updating app_metadata via Management API

Related Topics