HTTP interceptor emits error when interaction_required error is returned

[mmawhinney]

Checklist

• The issue can be reproduced in the auth0-angular sample app (or N/A).
• I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

Similar to #429, I have a post-login action that redirects the user to my application. On that page, we collect user information and send a request to our backend to validate the input. Since the user was redirected and is not logged in, we set allowAnonymous: true on the route in the interceptor config to allow unauthenticated requests.

The issue is that the same redirect is encountered during the silent authentication performed by the interceptor and an interaction_required error is returned. This error type isn't handled in the allowAnonymous method in the interceptor, so the error is emitted by the error$ observable.

We never need this endpoint to be called with authentication, so we had a workaround of passing cacheMode: 'cache-only' to the tokenOptions setting, but that is also broken in recent versions of this library due to changes in #752 (in cache-only mode, getTokenSilently returns undefined if there is nothing in the cache so calling tokenOrResponse.accessToken throws an error).

Reproduction

1. Have a post-login action that redirects the user to an application
2. Set allowAnonymous: true on an API endpoint
3. Call the above endpoint from the page the user was redirected to
4. The /authorize call should return an interaction_required error

Additional context

No response

auth0-angular version

2.9.0

Angular version

21.2.x

Which browsers have you tested in?

Firefox, Chrome