Unknown or invalid login ticket

voronin · December 7, 2018, 1:57pm

Hi there!

I read tons of guidlines, how to make Cross-Origin Authentication on Safari works. But I have no success at all. I’ve setted up Create a Cross-Origin Verification Page regarding documentation but anyway I get the following error:

"error": {
  "message": "Unknown or invalid login ticket.",
  "oauthError": "access_denied",
  "type": "oauth-authorization"
}

I’m using auth0-js@9.3.2 in my SPA.

charsleysa · December 8, 2018, 2:50am

Hi @voronin

Cross-Origin Authentication doesn’t work if third-party cookies are disabled.

As discussed in these docs your two options are use Custom Domains or provide a Cross Domain verification page.

The Cross Domain verification page does have limitations and a browser support matrix can be found here.

You can find some more information and back story in this issue and this issue.

Hope this helps!

voronin · December 9, 2018, 4:04pm

Hi! Thanks for your answer. Am I right, in order to make Auth0 works under Safari, the only way is Custom Domains?

charsleysa · December 10, 2018, 12:59am

If you need Auth0 with Cross Domain support then as far as I know, yes the only way is Custom Domains.

There are other options depending on your needs, if you use Universal Login (or willing to use it) then you should be able to get away with not needing Cross Domain support by using web response mode.