Hi community. I am struggling with getting the Auth0 WordPress plugin up and running on my production site. Hoping for some pointers because I have run out of ideas.
Symptoms
In my sandbox setup, Auth0 works fine for all use cases:
- Create new user in WordPress and log in to WordPress (via Auth0) for the first time.
- Subsequent login by user.
- Update user information via management API.
On production, Auth0 works OK for all use cases except logging in to WordPress for the first time. When a new users is created in WordPress that does not exist yet in Auth0, the new user sees a “username or password is invalid” and cannot log in. I expect the same behaviour in production as I see in sandbox… that the Auth0 plugin will allow the new user to log in to WordPress for the first time using their WordPress password and a new user record is created in Auth0.
Setup
- Sandbox and Production currently share the same Auth0 tenant. The tenant is configured with the origin URL of both Sandbox and Production servers.
- Sandbox and Production share the same WordPress version (the problem appears in production on both 5.2.3 and 5.3)
- Sandbox and Production share the same Auth0 plugin 3.11.1. All other plugins disabled.
- Sandbox is http: and production is https:
HAR Files
- On sandbox, the UID and password are sent in a POST request to which Auth0 responds with 302.
- On production, the UID and password are sent in virtually identical POST (it looks like only the cookie is different) to which Auth0 responds with 400.
Auth0 Logs
- Login from sandbox shows success.
- Login from production shows “Failed Login (invalid email/username)” but the log content looks OK.
WordPress Debug Logs
- Nothing to see here.