Skip to content

Error thrown for enterprise connection with no domains configured #2733

New issue
New issue
Open
Open
Error thrown for enterprise connection with no domains configured#2733
Labels
bugThis points to a verified bug in the code
@ksapchuk

Description

@ksapchuk
ksapchuk
opened on Feb 28, 2026

Checklist

  • I have looked into the Readme and Examples, and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Description

matchConnection in src/connection/enterprise.js throws a TypeError when an enterprise connection has no domains configured. Either connections without domains need to be filtered out or an undefined domain value should be handled.

  return l.connections(m, 'enterprise', ...strategies).find(x => {
    return x.get('domains').contains(target); // throws if domains is undefined
  });

Reproduction

  1. Configure an enterprise connection (e.g. samlp or oidc) with no domain entries.
  2. Initialize Lock as part of a third party client auth flow.
  3. Type any email address into the email field.
  4. Observe TypeError: Cannot read properties of undefined (reading 'contains') thrown from matchConnection.

Additional context

We are running into this issue as part a third party client auth flow for our MCP server https://auth0.com/ai/docs/mcp/get-started/authorization-for-your-mcp-server

Lock version

14.2.4

Which browsers have you tested in?

Chrome

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugThis points to a verified bug in the code

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions