Silent Auth returns login_required even when Auth0 cookie sent

Problem statement

When our UI opens, an iframe is created that makes an /authorize call to auth0 with prompt=none and tries to get a new code for retrieving a new access token (code flow). We deployed this application and everything works except the silent login. Every time we reload the UI or go to another path, the login screen appears.

We can see in the developers tools that:

  • The Auth0 cookie is part of the authorize request
  • A login_required error comes back and is pushed to the app via web message
  • The error also appears in the logs in the Auth0 Dashboard


You need to update your client settings with "sso_disabled": false which will allow you to use silent authentication again.

PATCH: https://YOUR_DOMAIN/api/v2/clients/CLIENT_ID
Request body:
    "sso_disabled": false