Content Security Policy directive: "frame-ancestors 'none' When Using getAccessTokenSilently with Auth0

[parth25]

Checklist

• The issue can be reproduced in the auth0-react sample app (or N/A).
• I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

When we attempt to get a token using getAccessTokenSilently after a session has expired, we receive the following error:

Refused to frame 'https://****.uk.auth0.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'

Repository:

https://github.com/parth25/pos-react-auth0

Reproduction

1. Allow the user session to expire.
2. Call getAccessTokenSilently to retrieve a new access token.
3. Observe the error in the console.

Additional context

We are using Universal Login for our Auth0 setup.
This issue appears to be related to the Content Security Policy settings of our Auth0 tenant. The frame-ancestors 'none' directive is preventing the request.

auth0-react version

2.2.4

React version

18.2.0

Which browsers have you tested in?

Chrome, Firefox