WordPress Sessions Breaking After Auth0 Installation

After installing and activating the Auth0 plugin, I frequently encounter the message “The link you followed has expired,” and it breaks site functionalities. Users are unable to log out, and Elementor does not work.

I have pinpointed the problem to conflicts that arise when both Elementor and WooCommerce plugins are active. My WordPress site appears not to recognize my session, as evidenced by the 403 error messages with “rest_cookie_invalid_nonce.”

Additionally, I noticed that when Auth0 is not active, the site makes a request to /wp-admin/admin-ajax.php?action=rest-nonce to retrieve the nonce. This request does not occur when Auth0 is active.

Additional Context

This issue is the SAME as (opened by me) Auth0 is breaking sessions (cache or cookies) #901 and may be related to a known problem: v5.2 nonce/cookie issue causing repeated logouts #895.

wp-auth0 Version

5.2.0

WordPress Version

6.5.3

PHP Version

8.2.13

Reproduction

  1. Activate the Auth0 plugin (and add Client ID, Client Secret & Domain).
  2. Add an auth0_cookies[secret] in WP-admin Auth0 > Advanced > Session Cookies > Secret, because it is required and it won’t allow you to “Enable Authentication”.
  3. Activate the WooCommerce plugin and/or the Elementor plugin.
  4. Attempt to log out a user (after logging out, go to wp-admin).
  5. Try to use WooCommerce functionalities.
  6. Try to edit a page using Elementor.
  7. Attempt to deactivate any plugin via the front end.

Hey @seranca :wave:

Thanks for opening this issue on GitHub. We’ll continue discussions over there when I return from vacation next week.