As a bit of background, I’ve inherited a tech stack from a start up that went bust. I have no ability to contact the previous development team.
A couple of parts of their stack are using Auth0 to authenticate. The piece I am currently working on is a React front end with a NodeJS api stack hosted via AWS serverless.
They have used the auth0-js library to handle the authentication rather than the React specific library.
It is currently configured to use a google social login (which works) and I have been tasked with extending this to also allow login via an email and password.
The previous team has instantiated a class that instantiates a WebAuth with arguments for:
responseType: ‘token id_token’
scope: ‘openid profile email’
as well as having a bunch of methods on their own class to handle other stuff they want to do around authentication.
They have a landing page with a button that calls the WebAuth.authorize() method which successfully redirects to the universal login page (currently configured on the dashboard as classic).
Originally this only had a single connection (google-oauth2) which works successfully.
Once this social connection authenticates, the app returns to the redirectUri where they use the WebAuth.parseHash method to manage the response and then run some further logic (e.g. setting a time on how long people can be logged in for, etc which isn’t related specifically to auth0).
I have configured a database connection for the application (just one managed by auth0, not a custom one) without changing any of the basic settings, switched the connection on in the connections tab in the application dashboard, and I can then see the option for signup/login and the email/password input fields appear on the universal login lock screen.
However, when I then try to signup to the application by using the signup tab and putting in an email/pw I end up with a 400 error response as below:
message: “Extensibility error”
I can see that the:
Are all present in the post request as the documentation states is required.
I get the same error when manually testing with Postman, and the same error via a prompt when I try to manually add a user to the db from the dashboard.
I tried to use the debugger add-on but the error is thrown before I ever get to the point where I would receive feedback from said debugger.
I feel there must be some sort of error that either I or the previous team have made in the setup configuration for the application that is causing this. I wanted to see if I could get any feedback before I resort to stripping out the auth0-js code and replacing it with code from the React library (partly based on time, partly based on the fact that I can’t see any issues with the code itself, and partly because I am afraid that the issue is with the configuration, and that the same error would likely occur when trying to use the react library).
Looking last night, there was a pre signup hook to check specific emails were being used to access the domain, but I have disabled this now and it doesn’t appear to have been causing this particular issue.
Any help and suggestions appreciated!