Category
Support: Common Issues
All support articles related to Common Issues.

Troubleshooting Authentication Issues

TroubleshootingCommon IssuesLogin IssuesErrorsDebugging

Common Authentication Issues and Solutions

This guide covers the most frequent authentication issues reported by our users and provides step-by-step solutions to resolve them.

1. Login Failures

Symptoms

  • Users can't log in despite correct credentials
  • Error messages about invalid username/password
  • Repeated login prompts

Solutions

Check user status:

  1. Go to your Authoh Dashboard > Users
  2. Locate the user account
  3. Verify the account is active and not blocked or suspended
  4. Check if email verification is pending

Reset user password:

await auth.resetPassword({
  email: 'user@example.com'
});

Verify provider connections: If using social login, ensure the provider connection is properly configured in your dashboard.

2. Token Expiration Problems

Symptoms

  • Users are repeatedly logged out
  • "Unauthorized" errors after short periods
  • Session timeouts earlier than expected

Solutions

Adjust token lifetime:

  1. Go to Dashboard > Settings > Tokens
  2. Increase the access token lifetime (default: 60 minutes)
  3. Increase the refresh token lifetime if needed (default: 14 days)

Implement proper token refresh:

// Check if token is expired before making API calls
if (auth.isTokenExpired()) {
  await auth.refreshToken();
}

// Or set up automatic token refresh
auth.enableAutomaticTokenRefresh();

3. CORS Errors

Symptoms

  • Console errors about CORS policy violations
  • Authentication works locally but fails in production
  • API calls failing with 403 errors

Solutions

Configure allowed origins:

  1. Go to Dashboard > Settings > API
  2. Add your application domains to the Allowed Origins list
  3. Use wildcards sparingly (e.g., *.yourdomain.com)

Check request headers: Ensure your API requests include the correct headers:

fetch('https://api.yourdomain.com/data', {
  headers: {
    'Authorization': `Bearer ${auth.getAccessToken()}`,
    'Content-Type': 'application/json'
  }
})

4. MFA/2FA Issues

Symptoms

  • Users can't complete multi-factor authentication
  • MFA codes not being accepted
  • Users locked out after device changes

Solutions

Reset MFA for a user:

  1. Go to Dashboard > Users
  2. Select the user experiencing issues
  3. Navigate to the Security tab
  4. Click "Reset MFA"
  5. The user will need to set up MFA again on their next login

Provide backup codes: Make sure users have access to their recovery/backup codes that were generated when they set up MFA.

Check time synchronization: For time-based OTP (TOTP), ensure the user's device has correct time and date settings.

5. API Authentication Failures

Symptoms

  • API requests failing with 401 errors
  • JWT validation errors
  • Token signature issues

Solutions

Verify API keys and secrets:

  1. Go to Dashboard > API > Keys
  2. Verify you're using the correct API keys
  3. Regenerate keys if necessary (note: this will invalidate existing keys)

Check JWT configuration:

// Ensure you're using the correct audience and scope
const accessToken = await auth.getTokenSilently({
  audience: 'https://api.yourdomain.com',
  scope: 'read:data write:data'
});

Need More Help?

If you're still experiencing issues after trying these solutions:

  1. Check our detailed documentation
  2. Look through previous support threads for similar issues
  3. Contact our support team with specific details about your problem

Our team is available to help Monday through Friday, 9am-5pm EST.

Read more