Users occasionally see an error "You may have pressed the back button..."

Problem statement

A low percentage of users occasionally see an error page with the following message.

You may have pressed the back button, refreshed during login, opened too many login dialogs, or there is some issue with cookies, since we couldn’t find your session. Try logging in again from the application and if the problem persists please contact the administrator.

Symptoms

  1. The issue affects only a small percentage of users.
  2. For the affected users, it happens consistently.

Troubleshooting

There is no Default Login Route configured for the tenant, nor is there an Application Login URI configured for any applications.

Cause

This error can occur as a result of certain end-user interactions with the login page or login flow. The following behaviors may produce it:

  • Attempting to go to the login page through a bookmarked link.
  • Pressing the back button mid-login flow.
  • Refreshing the page during the login flow.
  • Opening multiple login dialogs.
  • Browser cookie settings blocking cookies.

Users only see this error when no Default Login Route is configured for the tenant and no Application Login URI is configured for the application they are logging in to.

Solution

Configuring a Default Login Route either at the tenant level or at the application level will allow users to be redirected to that URL rather than see this error message.

These URIs can be configured with the Dashboard in Application Settings or Tenant Advanced Settings or with the Management API. Follow the steps or video below.

To configure an Application Login URI for an application:

  1. Go to Dashboard > Applications > Application Settings for the application.
  2. Scroll down to the Application URIs section.
  3. Enter the login URL in the Application Login URI field.

Note that this login URL should point to a route in the application that ends up redirecting to Auth0’s /authorize endpoint, e.g., https://mycompany.org/login. It must use HTTPS and cannot point to localhost, though it can include query parameters and a URI fragment.
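The login route described above, as an added example (not Auth0's code): a Node.js handler that starts a new authorization request on every hit and binds the `state` value to the browser with a cookie. The tenant domain, client ID, callback URL and cookie name are placeholders chosen for illustration.

```javascript
// Added example, not Auth0's code. Domain, client ID, callback URL and
// cookie name below are placeholders / assumptions.
const { randomBytes, timingSafeEqual } = require('node:crypto');

const AUTH0_DOMAIN = 'your-tenant.example.com';        // placeholder
const CLIENT_ID = 'YOUR_CLIENT_ID';                    // placeholder
const CALLBACK_URL = 'https://mycompany.org/callback'; // assumed callback route
const STATE_COOKIE = 'login_state';                    // hypothetical name

// Build a fresh /authorize request and the cookie that binds its `state`
// value to this browser. Called on every hit, so a bookmarked or replayed
// /login never reuses an old transaction.
function startLogin() {
  const state = randomBytes(32).toString('base64url');
  const url = new URL(`https://${AUTH0_DOMAIN}/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: CLIENT_ID,
    redirect_uri: CALLBACK_URL,
    scope: 'openid profile',
    state,
  }).toString();
  const cookie = `${STATE_COOKIE}=${state}; Path=/; Max-Age=600; ` +
    'HttpOnly; Secure; SameSite=Lax';
  return { location: url.toString(), cookie, state };
}

// Callback-side check: accept the response only if the returned `state`
// equals the value stored in this browser's cookie.
function stateMatches(cookieHeader, returnedState) {
  const pair = (cookieHeader || '').split(/;\s*/)
    .find((c) => c.startsWith(`${STATE_COOKIE}=`));
  if (!pair || !returnedState) return false;
  const a = Buffer.from(pair.slice(STATE_COOKIE.length + 1));
  const b = Buffer.from(returnedState);
  return a.length === b.length && timingSafeEqual(a, b);
}

// GET /login handler for a Node http server: always redirect, never cache.
function handleLogin(req, res) {
  const { location, cookie } = startLogin();
  res.writeHead(302, {
    Location: location,
    'Set-Cookie': cookie,
    'Cache-Control': 'no-store',
  });
  res.end();
}
```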

To configure a Tenant Login URI:

  1. Go to the Dashboard > Settings > Advanced.
  2. In the Login and Logout section, enter a login URL in the Tenant Login URI field.

What’s the difference between an Application Login URI and a Tenant Login URI?

Both Default Login URIs address the same issue; however, sometimes Auth0 will not know the client_id (e.g., when hitting the /login endpoint without any parameters), so in those cases, the Tenant Login URI can be used as a fallback. If an application does not have an Application Login URI configured, the Tenant Login URI will be used as well.

When the client_id is known, the application's Default Login URI is used.

Another solution concerns the Allowed Callback URI when a custom URI scheme is in use. Custom URI schemes were the old way to redirect to the native app; HTTPS can now be used instead. Refer to the documentation on Redirect Users for more details.
