Deprecation Error Reference

Deprecation Error Reference

When Auth0 features are deprecated, there may be errors or notices in the tenant logs that show up to indicate that your applications are using the deprecated features. This guide will provide assistance with searching your logs for deprecation related messages as well as explanations of potential causes and resolutions for particular items.

How to search logs for deprecation warnings

There are two different ways to search for warning messages showing usage of deprecated features: The Dashboard or the Management API. Note that in either case, the log retention period is governed by the subscription level of your account.

Search logs via the Dashboard

If your application uses a deprecated feature, a Deprecation Notice message will show up in the Logs section of the Dashboard.

In order to not overwhelm the logs with repetitive messages, deprecation notes will only be shown once per hour (the first time it occurs within that hour) rather than for each authentication transaction involving the deprecated feature.

Navigate to the Logs screen in the Dashboard. Search for deprecation related messages by entering type:depnote in the query box.

Dashboard - Logs

A list of deprecation related warning messages from your logs will be shown, if any exist.

The Description field provides information on the particular deprecated feature used. Clicking on the link in the Event column for each item will show additional information such as the client id which identifies the client application using the deprecated feature.

Clicking each item and selecting Context Data will give you details about the item:

Dashboard - Logs

Dashboard - Logs

Search logs via the Management API

Customers can also use the Management API to search through logs for such messages by looking for "Type" = "depnote".

To check your logs using the Management API, go to the Management API.

If you have not already done so, get and get an API token.

Management API - Token Setup

On the left, navigate to Logs > Search log events and then scroll down to Parameters.

Management API - Logs

In the q field enter: type:"depnote"

Click on the TRY button. If successful, you should see a screen similar to the one below.

Management API - Logs - Results

  • The results will match one of the messages + descriptions below.
  • The Client ID field in the results will indicate which application (client) on your tenant is using the deprecated feature.

Deprecation Log Messages


Management API - Legacy Lock Results

Error Description: "Legacy Lock API: This feature is being deprecated. Please refer to our documentation to learn how to migrate your application."

Cause Resolution
You are using a legacy version of embedded Lock or Auth0.js SDK. Migrate away from the deprecated library versions as soon as possible.
Calling the /usernamepassword/login endpoint directly. Use the Lock or Auth0.js libraries instead.
Automatic monitoring tools making requests to login page If you have an automatic monitoring tool making requests to the login page, the tool will likely not preserve state correctly and will cause the Legacy Lock API error to occur in your logs. Use of the tool should either be discontinued, or accounted for when considering causes of the log notices.
Coding errors in a customized Universal Login Page Make sure the state and _csrf fields are passed to Lock or Auth0.js in your customized login page. They are by default included in the config.internalOptions object, but if this is removed during customization, the error occurs.


Management API - getSSOData Results

Error Description: "SSOdata endpoint: This feature is being deprecated. Please refer to our documentation to learn how to migrate your application."

Cause Resolution
Either calling the /ssodata directly or using old versions of embedded Lock or Auth0.js SDK to call a function which called the /ssodata endpoint. Migrate to Universal Login or migrate to Lock v11 or Auth0.js v9.

Legacy Lock API troubleshooting

Tenant log entries regarding the Legacy Lock API may include the referrer and information about the SDK used. This information can be used to see if any of your applications use outdated libraries.