Auth0 Home Blog Docs

WordPress Plugin: 404 upon successful authentication

wordpress

#1

We’ve been using the WordPress plugin successfully for months. Today, with no other relevant changes (plugin v3.5.2) we are getting a 404 when a user authenticates with Google or LinkedIn. They return to a URL like this one:

https://domain.com/index.php?auth0=1&code=3oFUE6W-SUVz2f7r&state=eyJpbnRlcmltIjpmYWxzZSwidXVpZCI6IjVhYzgyMzkxNjZlMGEiLCJyZWRpcmVjdF90byI6Imh0dHBzOlwvXC9maXRzbWFsbGJ1c2luZXNzLmNvbVwvd3AtYWRtaW5cLyIsInN0YXRlIjoibm9uY2UifQ%3D%3D#

This 404s but if you repeat it or shorten the “state” value it redirects to https://domain.com/?message=Invalidauthorizationcode# (which seems to indicate the code is being processed but the “state” is messing things up.

I noticed the two URL encoded characters at the end of “state” - is that messing something up? Any ideas as to why this URL is 404-ing despite being seemingly accurate and matching expected functionality?


#3

Hey Auth0 team, is there a better support option than the community if I upgrade? Having a serious error that gets no response seems to make this community less than useful for production environments.


#4

Is this only happening with Google and LinkedIn? But your other connections work? Is it just one user or multiple users? In any specific environments where this issue is happening (e.g. a particular browser, etc.)? I’m currently looking into the wp plugin and going to see what may cause this issue in this case.


#5

Thanks, Kim!

We are only using Google and LinkedIn, so I can’t speak to other services, but it seems consistent for any user who is newly logging in. When I do it in an Incognito Window with either Google or LinkedIn, it fails consistently with the same error as above (which appears to be the server 404-ing because it can’t read the query string successfully).

In my Chrome browser that holds an existing session and related cookies, it seems to be allowing me to log in and out, but I was already logged into Google and LinkedIn in that scenario (I just logged out of WordPress).


#6

Thanks for getting back to me! The state value looks good. The link you provided, is that what shows in the browser when you get the WP 404 page?

I just have a few more questions that will help us find out what’s going on! Do you have Implicit login turned on in the Advanced portion of the settings section? Were any config changes made on the host side? And lastly, are there by chance any relevant entries in the error log in wp-admin?