@franse you work on nodeJS or PHP?
I noticed a difference on my login.php, on the validation rules…
In my file there are these “param”:"" nodes created for each Validation rule.
I’m on 6.1.2
Yes. One target (Development) and one database connection (sweb).
Not in mine (6.3.1 and all working fine):
<?php
require('../../../../dmxConnectLib/dmxConnect.php');
$app = new \lib\App();
$app->define(<<<'JSON'
{
"meta": {
"options": {
"linkedFile": "/wapplercommunity/permissions_login.php",
"linkedForm": "login1"
},
"$_POST": [
{
"type": "text",
"fieldName": "email",
"options": {
"rules": {
"core:required": {},
"core:email": {}
}
},
"name": "email"
},
{
"type": "text",
"fieldName": "password",
"options": {
"rules": {
"core:required": {}
}
},
"name": "password"
}
]
},
"exec": {
"steps": {
"name": "identity",
"module": "auth",
"action": "login",
"options": {
"provider": "permissions",
"username": "{{$_POST.email}}"
},
"output": false,
"meta": []
}
}
}
JSON
);
?>
@Richelle_Anderson Have you checked your table? Is not empty?
HA! That was the first thing I checked 
Yes, a user with a role that was included in the security setting is in there.
And the password is stored with something like $argon2id$v=19.....?
Yes… $argon2id$v=19$m=655
Do you see enabled the Use Password Hash Verify on the security provider?
What seems strange to me, is that I have "passwordVerify": true on the end of the document (Same as Christian who started this topic) and your case is under options:
But don’t know if that’s a normal behavior.
Maybe @Teodor can give us a hand
Yes password hash verify is checked.
I am running Beta and have not downloaded the updated from today. Not sure if that could be why it is in a different place.
I don’t think so, I’m with 6.3.1 too.
Can you create another security provider (Without users and permissions)?
Remember to change it on the login step too
If that doesn’t work, try to change to stable version and see if it’s working there. Maybe it’s a bug.