I’m trying to finalize a somewhat complicated setup involving Auth0, AzureAD-B2C and ActiveDirectory, but I’m having this weird error I can’t interpret, and thus it’s hard to tell the guys managing identity providers what is wrong.
I’m connecting an iOS native app with an Auth0 enterprise connection plugged into an AzureAD-B2C identity provider. When my users authenticate with AzureAD-B2C directly, everything works fine, the session goes through and they are able to log in to the app. But there is one more bit of complexity, because we have 2 kinds of users:
- B2C customers stored in AzureAD-B2C itself
- employees stored in a separate Active Directory
So the guys managing both of these identity providers are trying to configure their security policy so that on the login page, in addition to the Azure B2C login form and sign up button, there is also a “Connect with AD” button for employees, that redirects them again to the Active Directory login.
And that’s where things go bad, because after the user logs in to his Active Directory account, he is somehow redirected to Auth0, but he gets the following error message:
“Oops!, something went wrong. You may have pressed the back button, refreshed during login, opened too many login dialogs, or there is some issue with cookies, since we couldn’t find your session. Try logging in again from the application and if the problem persists, please contact the administrator”
And indeed, in the Auth0 logs of my environment I see this:
{
  "date": "2019-04-12T08:54:19.617Z",
  "type": "f",
  "description": "You may have pressed the back button, refreshed during login, opened too many login dialogs, or there is some issue with cookies, since we couldn't find your session. Try logging in again from the application and if the problem persists please contact the administrator.",
  "connection_id": "",
  "ip": "49.217.187.25",
  "user_agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1 Mobile/15E148 Safari/604.1",
  "details": {
    "body": {},
    "qs": {
      "error": "server_error",
      "error_description": "AADB2C90289: We encountered an error connecting to the identity provider. Please try again later.\r\nCorrelation ID: f5e440b1-2b2b-4e55-a318-ef82df67691e\r\nTimestamp: 2019-04-12 08:54:18Z\r\n",
      "state": "RKN7XYDGT_xag4Kr4TbQEDy6v2mMJ9IE"
    },
    "error": {
      "message": "You may have pressed the back button, refreshed during login, opened too many login dialogs, or there is some issue with cookies, since we couldn't find your session. Try logging in again from the application and if the problem persists please contact the administrator.",
      "oauthError": "invalid_request",
      "type": "request-error"
    }
  },
  "hostname": "derbigum-qa.eu.auth0.com",
  "log_id": "90020190412085419617963219260888643271217201812678377474"
}
My problem is that I don’t have information in there to help me figure out what’s wrong with the redirection I receive back from AzureAD-B2C or Active Directory itself, and I don’t know how to help them.
Any idea?
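The log entry above records two different errors: Auth0's own `invalid_request` under `details.error`, and under `details.qs` an `error_description` that carries an Azure AD B2C error code, correlation ID and timestamp. As an added example (not part of the original post), the Python below separates the two so the B2C-side fields can be passed to whoever manages that tenant; the function name and report keys are illustrative, and the sample is an abridged copy of the entry above.

```python
import json
import re

# Abridged copy of the log entry quoted in the post (only the fields used here).
SAMPLE_LOG = json.loads(r'''{
  "date": "2019-04-12T08:54:19.617Z",
  "type": "f",
  "details": {
    "qs": {
      "error": "server_error",
      "error_description": "AADB2C90289: We encountered an error connecting to the identity provider. Please try again later.\r\nCorrelation ID: f5e440b1-2b2b-4e55-a318-ef82df67691e\r\nTimestamp: 2019-04-12 08:54:18Z\r\n",
      "state": "RKN7XYDGT_xag4Kr4TbQEDy6v2mMJ9IE"
    },
    "error": {"oauthError": "invalid_request", "type": "request-error"}
  }
}''')

_CODE = re.compile(r"^(AADB2C\d+):\s*(.*)$")                # B2C error code line
_FIELD = re.compile(r"^(Correlation ID|Timestamp):\s*(.+)$")  # trailing fields

def extract_upstream_error(entry):
    """Return the error fields found in details.qs, next to Auth0's own
    error, or None when details.qs carries no 'error' value."""
    details = entry.get("details") or {}
    qs = details.get("qs") or {}
    if "error" not in qs:
        return None
    report = {
        "upstream_error": qs["error"],
        "upstream_code": None,
        "upstream_message": None,
        "correlation_id": None,
        "upstream_timestamp": None,
        "auth0_error": (details.get("error") or {}).get("oauthError"),
        "auth0_logged_at": entry.get("date"),
    }
    # error_description is multi-line (CRLF separated): code line, then fields.
    for line in (qs.get("error_description") or "").splitlines():
        line = line.strip()
        if m := _CODE.match(line):
            report["upstream_code"], report["upstream_message"] = m.groups()
        elif m := _FIELD.match(line):
            key = "correlation_id" if m.group(1) == "Correlation ID" else "upstream_timestamp"
            report[key] = m.group(2)
    return report

if __name__ == "__main__":
    print(json.dumps(extract_upstream_error(SAMPLE_LOG), indent=2))
```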