Title: igoldsmith's Replies | WordPress.org --- # igoldsmith [ ](https://wordpress.org/support/users/igoldsmith/) * [Profile](https://wordpress.org/support/users/igoldsmith/) * [Topics Started](https://wordpress.org/support/users/igoldsmith/topics/) * [Replies Created](https://wordpress.org/support/users/igoldsmith/replies/) * [Reviews Written](https://wordpress.org/support/users/igoldsmith/reviews/) * [Topics Replied To](https://wordpress.org/support/users/igoldsmith/replied-to/) * [Engagements](https://wordpress.org/support/users/igoldsmith/engagements/) * [Favorites](https://wordpress.org/support/users/igoldsmith/favorites/) Search replies: ## Forum Replies Created Viewing 6 replies - 1 through 6 (of 6 total) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Login by Auth0] auth0 is broken](https://wordpress.org/support/topic/auth0-is-broken-2/) * [igoldsmith](https://wordpress.org/support/users/igoldsmith/) * (@igoldsmith) * [7 years, 9 months ago](https://wordpress.org/support/topic/auth0-is-broken-2/page/2/#post-10665043) * Thanks for the quick and helpful interaction. * Ian * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Login by Auth0] auth0 is broken](https://wordpress.org/support/topic/auth0-is-broken-2/) * [igoldsmith](https://wordpress.org/support/users/igoldsmith/) * (@igoldsmith) * [7 years, 9 months ago](https://wordpress.org/support/topic/auth0-is-broken-2/#post-10664951) * Ok – that was simple. I just needed to add my homepage to the allowed web origin config in the Auth0 App. I think what had happened is that the Application definitions in Auth0 had growth a bunch of new fields over time, and I had not configured them. Having done that now it seems to be working. * Ian * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Login by Auth0] auth0 is broken](https://wordpress.org/support/topic/auth0-is-broken-2/) * [igoldsmith](https://wordpress.org/support/users/igoldsmith/) * (@igoldsmith) * [7 years, 9 months ago](https://wordpress.org/support/topic/auth0-is-broken-2/#post-10664922) * We are not using implicit (that option is turned off in settings). * The version is: * [https://cdn.auth0.com/js/lock/11.5/lock.min.js](https://cdn.auth0.com/js/lock/11.5/lock.min.js) * No custom database. * The login from Auth0 users with username/password always used to work. The issue below is likely the cause since Auth0 deprecated the legacy APIs. Not sure what I need to do to make this work from the plugin. I really don’t want to have to mess around in PHP code to make this work, and don’t feel like paying for a custom domain. * The JS console shows a CORS problem: * Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [https://akanacloud.auth0.com/co/authenticate](https://akanacloud.auth0.com/co/authenticate).( Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [https://akanacloud.auth0.com/co/authenticate](https://akanacloud.auth0.com/co/authenticate).( Reason: CORS request did not succeed). * Ian * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Login by Auth0] auth0 is broken](https://wordpress.org/support/topic/auth0-is-broken-2/) * [igoldsmith](https://wordpress.org/support/users/igoldsmith/) * (@igoldsmith) * [7 years, 9 months ago](https://wordpress.org/support/topic/auth0-is-broken-2/#post-10664706) * BTW: if you want to see this in person you can visit [https://billing.akana.com](https://billing.akana.com) and try to sign up with a local account. * Ian * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Login by Auth0] auth0 is broken](https://wordpress.org/support/topic/auth0-is-broken-2/) * [igoldsmith](https://wordpress.org/support/users/igoldsmith/) * (@igoldsmith) * [7 years, 9 months ago](https://wordpress.org/support/topic/auth0-is-broken-2/#post-10664491) * I made some progress. I created a new local (to wordpress) admin user directly in MySQL, and was able to login using login.php?wle. I found that the Auth0 update hadn’t worked so completed that, including all the steps around using the management API with a one-time token. All good. I can now login again using social accounts( Google). I still can’t login using any locally created accounts (show in the list in Auth0 as Username-Password). I can create new accounts, but can’t login to these. What happens now is that when I try and login (or complete the registration step – the final login – for a new user) the lock form shows a red error “We’re sorry, something went wrong when attempting to log in.” at the top of the form. * I’m not seeing any errors in the Auth0 error log in wordpress, or in the Auth0 dashboard. * Not really sure what’s happening at this point. * Thanks, * Ian * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Login by Auth0] auth0 is broken](https://wordpress.org/support/topic/auth0-is-broken-2/) * [igoldsmith](https://wordpress.org/support/users/igoldsmith/) * (@igoldsmith) * [7 years, 9 months ago](https://wordpress.org/support/topic/auth0-is-broken-2/#post-10664145) * Oh dear, I’m working with Fory on this and it’s just got worse. We found that users authenticating via Google were working ok, it was the users created directly in Auth0 as self-registered that were not working. I had a Google (gmail) user, but that user wasn’t an admin. We dove into the WP database and changed my user to be an admin, perfect. Then decided once I was logged in that we should update the Auth0 plugin. That seemed to work, but now we can’t login as my Google user anymore. Attempts to login result in the message that “The URL “[https://billing.akana.com/wp-login.php”](https://billing.akana.com/wp-login.php”); is not in the list of allowed callback URLs.” Ok – I added that to the list of callback URLs allowed for the application, but of course that doesn’t help, because it’s the wrong URL. It should be going to [https://billing.akana.com/index.php?auth0=1](https://billing.akana.com/index.php?auth0=1). * Now because we can’t login, we can’t change anything. * I believe the root of the whole issue is that early August deprecation of the legacy lock API. But I don’t know how I can fix any of this now. * Ian Viewing 6 replies - 1 through 6 (of 6 total)