Troubleshoot Auth0-PHP Library
The following is a list of issues you might see when using the Auth0-PHP library and how you might troubleshoot these issues.
I'm getting an "Invalid State" exception when trying to log in.
State validation was added in 5.1.0 for improved security. By default, this uses session storage and will happen automatically if you are using a combination of Auth0::login()
and any method which calls Auth0::exchange()
in your callback.
If you need to use a different storage method, implement your own StateHandler and set it using the state_handler
config key when you initialize an Auth0
instance.
If you are using Auth0::exchange()
and a method other than Auth0::login()
to generate the Authorize URL, you can disable automatic state validation by setting the state_handler
key to false
when you initialize the Auth0
instance. It is highly recommended to implement state validation, either automatically or otherwise.
I am getting curl error 60: SSL certificate problem: self-signed certificate in certificate chain
on Windows
This is a common issue with the latest PHP versions under Windows OS (it is related to an incompatibility between Windows and OpenSSL CA's database).
Download this CA database
https://curl.haxx.se/ca/cacert.pem
toc:/cacert.pem
.Edit your php.ini and add
openssl.cafile=c:/cacert.pem
. (It should point to the file you downloaded.)
My host does not allow using Composer
This SDK uses Composer for maintaining dependencies (required external PHP libraries). If Composer is not allowed or installed on your host, install Composer locally, follow the installation instructions there, then upload your entire application, vendor folder included, to your host.