I’ve been building an application, which uses the Auth0 hosted UI to log users into the app. I have configured both an SPA and an API in the console. I’ve set up 3 permissions for the API.
I created a user account, and granted him permissions to the 3 Permissions on my API. When the user logs in, I can fetch the user in my SPA using getAuthTokenSilently(). When I check the user’s permissions in the response, all 3 permissions are there.
Great!
For a while, I was testing this app and all was working as expected. Then I configured the app to create new users using Management API. That all worked great too!
Then when I tried to log in with the new user, I got the “consent_error” issue. I looked to see what was wrong, and I couldn’t find out what would be the issue on the newly created account. I tried to delete the newly created account, and of course I accidentally deleted the good account. I tried to recreate it, and now BOTH are broken. All accounts now give the “consent_error”.
I’ve tried hosting my app on Cloud Run to try and eliminate any localhost issues with the consent form. No luck.
In my original configuration, the user account that worked had access to 3 Applications. 1 being my custom API, one being the Management API, and one was a dummy account that had no permissions or anything associated with it.
On any new accounts I create, I cannot add the Management API as an app, nor can I seem to add any other application.
I have no idea what’s going on. This seemed so straight forward to set up the first time, now I’ve sunk 2 days into trying to figure this out. I’m trying to convince my client to purchase a 2 year contract with this product, but if this is going to be my experience, I’m not sure I should continue to push them for it.