Issue linking Google and Email Passwordless under same Group Connection (E002 error)

Embedded Wallets (Web3Auth)
,
1

  • Issue description:

    • I’m trying to implement Group Connections in Web3Auth to link multiple login methods (Google and Email Passwordless) to the same on-chain user identity.

    • I’ve successfully created and configured both individual Auth Connections (for Google and Email Passwordless) and a Group Connection containing these two. However, while Google login works as expected, the Email Passwordless login fails with the following errors.

  • Platform / Framework

    Next.js (tried with both v14.2.33 and v16.0.1)
    React v18.2.0

  • Web3Auth / Embedded Wallet SDK

    • @web3auth/modal — version 10.3.0

  • What is not working as expected

    • The email_passwordless login fails with error E002 in the Web3Auth modal.

    • The console shows a 400 Bad Request when hitting the passwordless API endpoint.

    • If I comment out the groupedAuthConnectionId, the issue persists.

    • If I comment out the entire email_passwordless object, login works again (but the resulting user is not linked to the same on-chain identity as the Google login).

  • Steps to reproduce

    1. Created auth connections for both Google and Email Passwordless in the Web3Auth Dashboard.

    2. Created a group connection and added the above two auth connections.

    3. Used the exact authConnectionId and groupedAuthConnectionId in my code as configured in the dashboard.

  • Code snippet

    const web3AuthOptions: Web3AuthOptions = {
  clientId: process.env.NEXT_PUBLIC_WEB3AUTH_CLIENT_ID || '',
  web3AuthNetwork: resolveNetwork(),
  modalConfig: {
    connectors: {
      [WALLET_CONNECTORS.AUTH]: {
        label: 'auth',
        loginMethods: {
          google: {
            name: 'google login',
            authConnectionId: 'google-login-kor-web',
            groupedAuthConnectionId: 'aggregate-sapphire-kor-web',
          },
          email_passwordless: {
            name: 'email passwordless login',
            authConnectionId: 'email-passwordless-kor-web',
            authConnection: "email_passwordless",
            groupedAuthConnectionId: 'aggregate-sapphire-kor-web',
          },
        },
      },
    },
  },
};

  • Exact error and logs

  • Package details

    "@web3auth/modal": "^10.3.0",
"@tanstack/react-query": "^5.37.1",
"react": "18.2.0",
"next": "16.0.1" (also tested with "14.2.33")

  • What I’ve tried

    • Commented out groupedAuthConnectionId → issue persists.

    • Commented out email_passwordless config → Google login works, but identity linking fails.

    • Verified all IDs (authConnectionId and groupedAuthConnectionId) match exactly with the Web3Auth dashboard.

image
image1917×1036 221 KB

2

Thanks Ritik — sorry you’re hitting this. I dug through your report and pulled out the key details so the support team can triage quickly, plus a few targeted checks and a likely culprit.

Summary of what you shared

  • Reporter: Ritik Joshi
  • SDK / Integration: MetaMask Embedded Wallets (using Web3Auth via @web3auth/modal)
  • @web3auth/modal version: 10.3.0
  • Platform: Next.js (14.2.33 & 16.0.1 tested), React 18.2.0
  • Error seen in modal: Something went wrong, error code: E002
  • Console/network: POST https://api.web3auth.io/passwordless-service/api/v3/auth/passwordless/start → 400 Bad Request
  • Code snippet (modal connectors/loginMethods) provided
  • You created Google and Email Passwordless auth connections and a Group Connection in the Web3Auth dashboard; Google works but email_passwordless returns E002 (400)

What I suspect (quick pointers)

  • The 400 from the passwordless start endpoint usually means the request body or provider configuration is incorrect or missing required fields. Common causes:
    • The Email Passwordless auth connection in the Web3Auth Dashboard is not fully configured (e.g., provider/template/allowed origins not set or verified).
    • The modal is sending an unexpected payload because of an incorrect config key in your loginMethods object. In your snippet I noticed you included authConnection: “email_passwordless” inside email_passwordless — that property looks suspicious (I don’t see that used in typical Web3Auth loginMethods config) and could be altering the request payload.
    • Grouped connections behaviour: if the group or child auth connection requires additional server-side config or secrets (some providers do), you may need to verify those values on the dashboard.

Immediate action steps to try (fast checks)

  1. Remove the extra authConnection property from your email_passwordless entry and test again. Example: keep only name, authConnectionId, and groupedAuthConnectionId (as you do for google). That extra key may be producing an invalid request body.
  2. Confirm the Email Passwordless auth connection in the Web3Auth dashboard is active and fully configured (provider, from address/template, any required API keys/secrets). Make sure any allowed origins/redirect URLs include your app origin.
  3. Test the email passwordless connection on its own (no grouping) — can you start a passwordless login if you only configure email_passwordless in modal? You said commenting out groupedAuthConnectionId didn’t help, but can you try removing Google entirely and only use email_passwordless? This isolates group vs provider problems.
  4. Inspect the failing network request body (DevTools → Network → passwordless/start). Copy the request payload (JSON). The 400 response plus request body will show what parameter is malformed or missing.

What I need from you (only if you’re comfortable sharing) — these will let support reproduce/fix quickly

  • The full Web3Auth initialization snippet (where you create Web3Auth / Web3AuthModal and call login). The connectors/loginMethods snippet is great, but the rest of init can matter.
  • The network request payload for the POST to /passwordless/start (Request body) or a screenshot of the Network tab showing request and response JSON. That will pinpoint the missing/invalid field.
  • Confirmation that the email passwordless auth connection in the Web3Auth dashboard shows as ACTIVE and any provider settings (you can redact secrets).

Useful references

If you prefer, paste the network request body here (or a screenshot). If removing the stray authConnection field fixes it, let me know and I’ll mark that as the likely root cause — if not, share the request body and I’ll point the exact missing field to the support engineers.

Thanks — you’ve given a very complete report already. If you want, I can prepare a short repro checklist for the support team after you share the network payload or the full init snippet.

Note: This response was generated by an AI bot and may require further verification. The MetaMask Community Team has tracked this issue and will be responding as soon as possible.

Additionally, we would recommend you to join our biweekly Office Hours to get this resolved even faster. MetaMask Developer Office Hours

3

Thanks a lot to the Web3Auth team! The AI-generated response on the forum was very helpful in guiding me toward the solution.

Following the suggestions, I first removed the extra authConnection property from my email_passwordless configuration. Then, inspecting the failing network request (passwordless/start) in the browser’s Network tab, I noticed the response indicated “invalid origin.”

Previously, I was unable to add my app’s origin perhaps I was doing something incorrectly but this time I was able to add it successfully. This is under the Domain section (mentioning this to help other developers).

After adding the allowed origin correctly, the Email Passwordless login worked perfectly, even within the Group Connection setup.

Thanks again to the team and the AI guidance; it really helped pinpoint the issue efficiently!