Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Login required error when using local storage and refresh tokens

See original GitHub issue

Describe the problem

I’ve configured auth0 client to use local storage and useRefreshTokens. When I try it out in Chrome with incognito mode, where third party cookies are disabled, login_required error is shown although the user is already logged.

What was the expected behavior?

Cookie should not be checked and token should be obtained directly according to https://auth0.com/docs/tokens/concepts/refresh-token-rotation

Reproduction

Configure authClient as:

  createAuth0Client({
    ...
    useRefreshTokens: true,
    cacheLocation: 'localstorage'
  });

Login in Chrome with third party cookies disabled
Get token silently

Issue Analytics

State:
Created 3 years ago
Comments:11 (8 by maintainers)

Top GitHub Comments

1reaction

stevehobbsdevcommented, Sep 21, 2020

@luisfmsouza It sounds like you might be using the createAuth0Client method to instantiate the SDK, which calls checkSession internally as part of its setup. You can avoid this if you wish by instead accessing the constructor directly, which allows you do your setup manually and handle errors yourself:

const client = new Auth0Client({ /* options */ });

Does this help?

0reactions

stevehobbsdevcommented, Oct 7, 2020

Closing this for now, but feel free to continue discussion if there’s anything else we can look into.

Top Results From Across the Web

`getTokenSilently` throws `login_required` error when waking ...

For context: I am using auth0 in a vue app with "@auth0/auth0-spa-js": "^1.12.0" with local storage cache and rotating refresh tokens.

Application Not Loading Token from LocalStorage After Sign ...

The issue happens after login and saving the token to localStorage and routes to the proper component to handle the next request. The...

Single-page application: Acquire a token to call an API

If no access token is found or the access token found has expired, it attempts to use its refresh token to get a...

Persistent login in React using refresh token rotation

There are several ways to store tokens within client sessions: in memory, via silent authentication, and in the browser's local storage. Storing ...

Refresh access tokens - Okta Developer

You request a refresh token alongside the access and/or ID tokens as part of a user's initial authentication and authorization flow.

Troubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.

Start Free

Top Related Reddit Thread

No results found

Top Related Tweet

No results found

Top Related Dev.to Post

No results found

Login required error when using local storage and refresh tokens

Describe the problem

What was the expected behavior?

Reproduction

Issue Analytics

Top GitHub Comments

Top Results From Across the Web

Top Related Medium Post

Top Related StackOverflow Question

Troubleshoot Live Code

Top Related Reddit Thread

Top Related Hackernoon Post

Top Related Tweet

Top Related Dev.to Post

Top Related Hashnode Post

FERRT errors from getTokenSilently intermittently during concurrent requests

On Netlify: `window.crypto` is required to run `auth0-spa-js`