This article explains an issue that occurs when using the React Native Auth0 SDK. The getCredentials() method returns undefined, even when the user object returned from useAuth0() is defined and non-null, causing authenticated API calls to fail.

• React Native Auth0 SDK

This issue can be caused by the following factors:

• Missing Device-Level Security Features: The getCredentials() method requires device-level security, for example, a screen lock or biometrics, to be enabled. If these features are not configured, the method may silently return undefined.

• Keychain Modification or Overwrite: If the device's keychain is modified without proper namespacing, it may overwrite Auth0 credentials. For example, the following could interfere with stored Auth0 tokens:

  await Keychain.setGenericPassword('passcode', passcode);

1. Upgrade to SDK Version 5 or a later version. Version 5 of the React Native Auth0 SDK includes improved error handling for methods like getCredentials(), which now throw errors instead of returning undefined. This change is detailed in the SDK v5 Migration Guide.
2. Enable device-level security. A secure screen lock, biometrics, or other device-level protections required by the native credential storage must be enabled.
3. Use default service namespace settings. When using react-native-keychain or similar libraries, use default settings to prevent accidental overwrites:

await Keychain.setGenericPassword('passcode', passcode, {
  service: 'your.service.name',
});