Posts

Showing posts from May, 2020

Solving consent_required Auth0 SPA SDK

I've been playing with the Auth0 SPA SDK https://auth0.com/docs/libraries/auth0-spa-js # What's wrong I keep running into an issue where I an error is thrown with code `consent_required` when trying to initialise the Auth0 client by calling `createAuth0Client` that is brought in from the library `import createAuth0Client from "@auth0/auth0-spa-js"`. # Why's it's going wrong Reading into it this is because the `createAuth0Client` function is calling `getTokenSilently` as part of the creation. This call fails when a user has a current session but the parameters of the authenticaion have changed to require the user accepts some updated conditions. Examples of where this is going to happen are adding or modifying the `useRefreshTokens`, `scope`, or `audience` properties passed to `createAuth0Client`. Note: This will only happen the first time that these permissions are introduced for a user. If the logged in user has previously accepted these the prompt