"Unable to read the Aura token from the response." Error

[JNiedleCADMV]

Describe the bug After installing and starting the local LWC dev server, opening a component, and making a callout to an aura enabled function, an error is returned in the output of VS Code:

Timed out waiting for initConfig
Error: Uncaught [Error: Unable to read the Aura token from the response.]
    at reportException (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\living\helpers\runtime-script-errors.js:62:24)
    at processJavaScript (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\living\nodes\HTMLScriptElement-impl.js:243:7)
    at HTMLScriptElementImpl._innerEval (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\living\nodes\HTMLScriptElement-impl.js:168:5)
    at onLoadExternalScript (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\living\nodes\HTMLScriptElement-impl.js:90:12)
    at onLoadWrapped (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\browser\resources\per-document-resource-loader.js:53:33)
    at Object.check (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\browser\resources\resource-queue.js:76:23)
    at C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\browser\resources\resource-queue.js:119:14
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) Error: Unable to read the Aura token from the response.
    at https://instanceName.sandbox.my.salesforce.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22one%3Aone%22%2C%22fwuid%22%3A%22emxZN2gzQnZ0X3FSYS1kQnBRbHV4QWI4T1Q3UVpoR0gtemxDX3B4aTM3bVEyNDQuMjAuMS0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fone%3Aone%22%3A%22Oi9nGzP0p0nN6sT1vovqdg%22%7D%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/inline.js?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..rNmxe1rsA0yPf_tRuFSwaRV-xPGbRn37bhnbM06hEsU:58:15
    at https://instanceName.sandbox.my.salesforce.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22one%3Aone%22%2C%22fwuid%22%3A%22emxZN2gzQnZ0X3FSYS1kQnBRbHV4QWI4T1Q3UVpoR0gtemxDX3B4aTM3bVEyNDQuMjAuMS0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fone%3Aone%22%3A%22Oi9nGzP0p0nN6sT1vovqdg%22%7D%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/inline.js?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..rNmxe1rsA0yPf_tRuFSwaRV-xPGbRn37bhnbM06hEsU:659:2
    at Script.runInContext (node:vm:141:12)
    at Object.runInContext (node:vm:291:6)
    at processJavaScript (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\living\nodes\HTMLScriptElement-impl.js:241:10)
    at HTMLScriptElementImpl._innerEval (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\living\nodes\HTMLScriptElement-impl.js:168:5)
    at onLoadExternalScript (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\living\nodes\HTMLScriptElement-impl.js:90:12)
    at onLoadWrapped (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\browser\resources\per-document-resource-loader.js:53:33)
    at Object.check (C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\browser\resources\resource-queue.js:76:23)
    at C:\Users\username\AppData\Local\sfdx\node_modules\jsdom\lib\jsdom\browser\resources\resource-queue.js:119:14

In the development console for the window with the component, the AuraFetchResponse message is "error parsing or finding aura config: window.Aura not found":

To Reproduce Steps to reproduce the behavior:

1. Install LWC Local Dev Server
2. Open a component
3. Perform an action that makes a callout to an @AuraEnabled apex method

Expected behavior The call succeeds and the data is returned to the local dev server and the component is able to process the response.

Screenshots Above

Desktop (please complete the following information):

• OS: Win 11
• Browser = Chrome and Firefox
• Version = 113.0.5672.127 and 114.0

Smartphone (please complete the following information): n/a

Additional context SFDX version = 7.203.6 LWC Dev Version = 2.11.0

[JNiedleCADMV]

Issue appears related to missing packages after updating either the sfdx cli or updating the lwc-dev-server. Running npm install fixed the issue.

[JNiedleCADMV]

Identified fix was a red herring. Connecting to a sandbox on Spring '23 19.21 works but connecting to a sandbox on Summer '23 7.1 throws the error above.

[gribis]

Seeing the same error in a Aura LX out site. I suspect something changed about Lightning Out in Summer 23. Deactivating the release update "Security Enhancements for CSRF Tokens for Lightning Apps" resolved the issue for us.

Per the update description, Lightning Out should not be impacted; however at the moment that statement is incorrect.

[jastend]

Can confirm, disabling "Security Enhancements for CSRF Tokens for Lightning Apps" resolved the issue for me immediately.

[gribis]

Salesforce has patched the issue related to "Security Enhancements for CSRF Tokens for Lightning Apps". It should now work with or without the update enabled.

Our LX Out site is up-and-running again with the update enabled.

[JNiedleCADMV]

@gribis : This is still not working for me in my sandbox. Any ideas on if they're slowly rolling out the patch across all sandboxes or if it should've been patched for all?

[aaronthomaswebster]

I am seeing this issue as well

[pilivpp]

I also have problem with this issue. Can anyone help with this?

[pilivpp]

So I turn off lot of things in session settings and it works now 🗡️

[stale[bot]]

This issue has been automatically marked as type:bug-p3 because it has not had recent activity.

[bilal-elchami]

Salesforce has patched the issue related to "Security Enhancements for CSRF Tokens for Lightning Apps". It should now work with or without the update enabled.

Our LX Out site is up-and-running again with the update enabled.

Unfortunately, it still doesn't work with the update enabled. This was tested with a freshly created scratch org, and the apex execution started working only after disabling the Security Enhancements for CSRF Tokens for Lightning Apps update.

[stale[bot]]

This issue has been automatically marked as type:bug-p3 because it has not had recent activity.

[kovdmm]

It still doesn't work and now we cannot disable the Security Enhancements for CSRF Tokens for Lightning Apps option.

[bilal-elchami]

It still doesn't work and now we cannot disable the Security Enhancements for CSRF Tokens for Lightning Apps option.

Unfortunately, you're right!!!! Do you know how we can escalate this issue?

[pilivpp]

@kovdmm @bilal-elchami +1 - doesn't work anymore. I'm very unhappy. We can spam here maybe:

https://trailhead.salesforce.com/trailblazer-community/feed/0D54S00000PfDgUSAV

[bilal-elchami]

@kovdmm @bilal-elchami +1 - doesn't work anymore. I'm very unhappy. We can spam here maybe:

https://trailhead.salesforce.com/trailblazer-community/feed/0D54S00000PfDgUSAV

Thank you @pilivpp ! Okay, I will write a comment on the feed you just shared. I'll submit a Case to the support as well and try to get a call with them. This should be fixed asap!!!

[kovdmm]

@pilivpp, @bilal-elchami I went for the easiest way - using mocks for data that needs to be retrieved from org :(

But it's not a solution obviously. We need this bug to be fixed

[pilivpp]

@kovdmm ehh this workaround doesn't sound good for me ;d agree bug should be resolved.

[kovdmm]

@bilal-elchami @pilivpp I've found out that the feedback link in the docs refers to another GitHub repo (relates to Salesforce Extension Pack for VSCode).

So I've created a new issue there. Please vote or leave a comment at https://github.com/forcedotcom/salesforcedx-vscode/issues/5165.

[pilivpp]

@kovdmm okey, thanks!

[zac-barton-apprisers]

I'm facing this exact issue also and need it resolved asap so we can do local development!

[zac-barton-apprisers]

I managed to find a fix/workaround for this which I added at https://github.com/forcedotcom/salesforcedx-vscode/issues/5165#issuecomment-1771831558