I’ve been using Auth0 with a SPA and Vue2 for years on my dev PC. From last week, I have been getting the Authorization App screen for my account on every page refresh. I did not touch any config or update any package.
Is there a new config in Auth0 that has been updated? This happens on localhost only. There is no problem in the online version.
Thank you.
Hi @evographics,
Welcome back to the Auth0 Community!
The reason why you are encountering this issue only on localhost is because localhost cannot be verified as a first-party application, as any malicious application could run on it. This is not recent change and it is explained under our User Consent and Third-Party Applications documentation.
I hope this helps! If you have any other question please let me know.
Best regards,
Remus
@remus.ivan Thank you so much for your feedback. We never experienced this issue before. It began last week.
Is there a solution for preventing it during our development?
Many thanks
Hi @evographics,
I have just made some double checking on our end and there is indeed a recently updated configuration in Auth0 that is causing this behavior. A new security feature was introduced that requires user confirmation when an application redirects to a non-verifiable callback address, such as localhost.
Since you are experiencing this during local development and want to bypass the prompt, you can easily turn off this new requirement directly from the Auth0 Dashboard by toggling off the Non-Verifiable Callback URI End-User Confirmation option, either for the application by navigating to Settings > Advanced settings section, or for the tenant from the Settings > Advanced tab.
You can find more about this on the following articles:
Understanding and Testing the Non-Verifiable Callback URI Consent Screen Within Auth0
Test the User Confirmation Prompt for Non-Verifiable Callback URIs
I hope this helps! Let me know if you have any other questions!
Best regards,
Remus