Calling /userinfo and getting 400 Bad Request: Header Or Cookie Too Large

Hi all,

I’m doing some testing with pulling in Azure AD groups into the claim. All is well from Azure to Auth0 and I can see the groups listed in the logs and dashboard.

In my testing I have a very large number of groups (around 200 GUIDs). When I’m calling /userinfo after logging in and passing the JWT token, I received a 400 Bad Request error from /userinfo.

Looking at the error in Fiddler, it’s actually coming from nginx, rather than Auth0 specifically.

I’m hitting the eu.auth0.com endpoint.

Is there anything that can be done about this? I can’t control the number of groups that a user might be in, and if I want to use Azure Groups and Auth0 together then this needs to work. I’m not sure if it’s possible for Auth0 to extend the size of the header setting in their nginx instance?

Facing the same issue. its coming from nginx and causing a lot of problems for my customers

I’m having the same issue here while trying to log in. Has anyone found a workaround yet?

same issue here. any help would be greatly appreciated.

If you delete the auth0 cookie and try again the issue should be solved. The cookie might have been corrupted.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.