Sure. Here are the errors:

Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user’s experience. For more help http://xhr.spec.whatwg.org/ config:1:15

window.controllers/Controllers is deprecated. Do not use it for UA detection. common.js line 139 > eval:1362

SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON datacommon.js:27:21992

NOTE: The above is from Firefox for Windows. I don't have dev tools installed on Safari (Mac OS X) ... which is what I was using when I first experienced the issue. So it's extant there too.

Thanks for information.

Looking at the errors, this one specifically window.controllers/Controllers is deprecated. Do not use it for UA detection. appears to be FireFox related - are you using FireFox?

We tested this in FireFox 67, and 68 with no errors. Also, tested in the latest Edge, IE, and Chrome with no issues.

Do you have any browser plugins installed that may be interfering?

Here's what I get from Safari:
[Error] Failed to load resource: the server responded with a status of 400 () (login, line 0)
[Error] SyntaxError: JSON Parse error: Unrecognized token '<'
parse (common.js:27:21998)
parseJSON (common.js:27:21998)
complete (application.js:129)
fire (common.js:26:2809)
fireWith (common.js:26:3997)
done (common.js:27:25008)
(anonymous function) (common.js:28:1094)

Ah, Safari. Testing in Safari appears to work. Not sure how else to try and reproduce the issue on our end.

For a potential quick fix you could try modifying some JavaScript. If you go in to appserver/static/lib/application.js and modify line 129 from that.setMessage(response.msg, "success"); to be something like that.setMessage("Successfully authenticated.", "success");.

You may have to run _bump in the browser to clear the static caching after you've made the change. So, it would be something like https://<splunk>/en-US/_bump.

Same issue with Chrome. Here's the report from console:
[Deprecation] document.registerElement is deprecated and will be removed in M73, around March 2019. Please use window.customElements.define instead. See https://www.chromestatus.com/features/4642138092470272 for more details.
(anonymous) @ common.js:425
:8000/en-US/splunkd/__raw/servicesNS/nobody/appinspect/login:1 Failed to load resource: the server responded with a status of 400 ()
appinspect:1 Uncaught SyntaxError: Unexpected token < in JSON at position 0
at JSON.parse ()
at Function.jQuery.parseJSON (:8000/en-US/static/@676F33AA466EA21A373A99FDCE92623023F7EB1363C97C1EA6A1C7DAA46B9CB9/build/pages/enterprise/common.js:27)
at Object.complete (:8000/en-US/static/@8c86330ac18/app/appinspect/lib/application.js:129)
at fire (:8000/en-US/static/@676F33AA466EA21A373A99FDCE92623023F7EB1363C97C1EA6A1C7DAA46B9CB9/build/pages/enterprise/common.js:26)
at Object.fireWith (:8000/en-US/static/@676F33AA466EA21A373A99FDCE92623023F7EB1363C97C1EA6A1C7DAA46B9CB9/build/pages/enterprise/common.js:26)
at done (:8000/en-US/static/@676F33AA466EA21A373A99FDCE92623023F7EB1363C97C1EA6A1C7DAA46B9CB9/build/pages/enterprise/common.js:27)
at XMLHttpRequest. (:8000/en-US/static/@676F33AA466EA21A373A99FDCE92623023F7EB1363C97C1EA6A1C7DAA46B9CB9/build/pages/enterprise/common.js:28)

Upshot: I can't get Safari, Firefox (for Windows), nor Chrome (for Mac) to work. I could keep trying different browsers on different platforms... But looking across the reports of the browsers, it looks like there are some deprecated functions in use and some malformed JSON.

@wryanthomas - really sorry to hear you're having this issue. You aren't by chance behind a proxy are you?

We tested this in IE, FireFox, Safari, and Chrome across both Windows and OSX and are unable to recreate any of these errors.

The returned JSON is from Splunk's AppInspect API so if it were universally malformed we would be seeing it as well.

You could also try to use Postman to communicate with the AppInspect API just to see if its returning any of the same errors: http://dev.splunk.com/view/appinspect/SP-CAAAFDU

Finally got back to this.

The Postman option works just fine for me. No problem authenticating and getting validation to work.

Still can't use (authenticate with) the app. 😞