Auth0 Home Blog Docs

WordPress Auth0 Works Fine on Sandbox, Fails to Create New Users on Production

Hi community. I am struggling with getting the Auth0 WordPress plugin up and running on my production site. Hoping for some pointers because I have run out of ideas.

Symptoms

In my sandbox setup, Auth0 works fine for all use cases:

  • Create new user in WordPress and log in to WordPress (via Auth0) for the first time.
  • Subsequent login by user.
  • Update user information via management API.

On production, Auth0 works OK for all use cases except logging in to WordPress for the first time. When a new users is created in WordPress that does not exist yet in Auth0, the new user sees a “username or password is invalid” and cannot log in. I expect the same behaviour in production as I see in sandbox… that the Auth0 plugin will allow the new user to log in to WordPress for the first time using their WordPress password and a new user record is created in Auth0.

Setup

  • Sandbox and Production currently share the same Auth0 tenant. The tenant is configured with the origin URL of both Sandbox and Production servers.
  • Sandbox and Production share the same WordPress version (the problem appears in production on both 5.2.3 and 5.3)
  • Sandbox and Production share the same Auth0 plugin 3.11.1. All other plugins disabled.
  • Sandbox is http: and production is https:

HAR Files

  • On sandbox, the UID and password are sent in a POST request to which Auth0 responds with 302.
  • On production, the UID and password are sent in virtually identical POST (it looks like only the cookie is different) to which Auth0 responds with 400.

Auth0 Logs

  • Login from sandbox shows success.
  • Login from production shows “Failed Login (invalid email/username)” but the log content looks OK.

WordPress Debug Logs

  • Nothing to see here.