Auth0-lock does not integrate with password manager

[sedubois]

My password manager integrates very well with most websites with login/password fields, but for some reason doesn't detect the login/password fields of Auth0's lock (e.g the one at https://graph.cool).

[luisrudge]

What's your password manage? I use last pass and it works great.

[luisrudge]

I just tested this with both manage.auth0.com and graph.cool and this is indeed an issue with the latest versions. I'm not sure why it's happening and we'll try to fix it in the future.
Last pass says to show the form onload, so maybe that's the issue (because we attach to the form after the page is loaded).

[MrPrashantT]

@luisrudge Seems that it doesn't work with the built-in IE11 password manager. Tested using Lock v10.23.1.

[nemccarthy]

+1

[jambawamba]

+1 for IE11 password manager fix

[moliver-hemasystems]

Will this be getting looked at further? Since upgrading to v11, we've started receiving emails from our customers regarding the built-in IE11 (and Edge) password managers not prompting to save passwords.

[luisrudge]

Yes, but there's no ETA yet. I wonder if this is happening because lock, by default, loads itself inside a modal.. Can you try using the container option (which renders lock inside a dom element you define) to see if it works?

[moliver-hemasystems]

I don't get a prompt for IE11 or Edge when using the container option.

[luisrudge]

Ok, it was a long shot anyway.. It's in our backlog, but no ETA 😭

[saltukalakus]

Hi @luisrudge ,

Is it possible to have an ETA for this issue?

[luisrudge]

This is high on our radar right now. We still have a few outstanding issues we need to solve first, so I can't give you an exact ETA. Probably 2-3 weeks.

[luisrudge]

After some extensive testing, here's our current state with the current version 11.5.2:

Native password managers that were tested and are confirmed working:
Chrome, Firefox, Safari

3rd Party password managers that were testing and are confirmed working:
Last Pass
1Password

After some extensive testing and debugging, I found that the problem with both IE and Edge is an issue with one of our dependencies (React JS). I wrote a detailed step-by-step repro guide so the react team to investigate and fix the issue. At this time, there's nothing we can do to make it work with both IE and Edge.

I'm closing this issue because there's nothing we can do except wait for a fix from the react team so we can update our dependency.

[alex-holt]

Hi folks, Is this issue being tracked anywhere else?

I'm concerned as you mentioned Chrome is working but it doesn't seem to be working for me on Mac using Lock 11.3

[luisrudge]

I also tried in chrome@mac and it worked at the time.

[alex-holt]

Thanks @luisrudge, maybe it's something I'm not configuring correctly and I may need to do more research there.

That said, you're reasonable confident that lock 11.3 widget works in recent versions of Edge, Chrome, FF & Safari?

[luisrudge]

lock works across all browsers (for IE10, you might need to provide your own state/nonce). The password manager feature (the native browser experience) doesn't work on IE and Edge because of the reasons outlined here

[moranlemusj]

Hey @luisrudge, I was wondering if there is still an issue with 1Password. I am getting an issue where it won't fill for certain accounts, but will do so for others.

[luisrudge]

@moranlemusj are you using enterprise connections?

[moranlemusj]

@luisrudge I'm not, but the error I am getting is as if I was, I'm getting VM1026:1 Unable to fill because
-- is not within our allowed domains

[luisrudge]

Where does this error comes from?

[moranlemusj]

@luisrudge the weird thing is it only happens with certain accounts, with others it works fine. It occurs whenever I click one of those accounts on the lock widget (v11 btw)

[luisrudge]

This error string doesn't come from lock, so I'm not sure how to help you on this. We have a fix (#1407) in place for some weird behavior of password managers and lock, but I don't think it's related to your issue. Since you can login with some accounts and not with others, this is probably related to a 1Password configuration you have.

[moranlemusj]

Ohh... thanks, I'll look at it from that end

[danielpater]

@luisrudge You described this issue to be related to specific versions of the react dependency above and opened this issue for it.
Since the issue with react seems to fixed in react@16.4.1: When will the updated dependency will be used in Lock and on the Universal Login Page?

Thank you.

[luisrudge]

@danielpater I can't say for sure that we'll do that in the current v11.x - we're assessing if and when we should release a new major version which puts react as a peerDependency so this is not an issue anymore. The problem with that is that this requires a lot of doc changes and will take time once we decide to do it. For now, we have other priorities.

[danielpater]

@luisrudge Thank you for your quick response. Would be great to see that in v11.x as soon as possible, but of course I understand that it's not your highest priority.
Please provide a short update here if you're are making any changes affecting this issue.