Getting a failed login while using yahoo social connection

The yahoo social connection doesn’t work. I started by trying the social connection by using Auth0 dev keys (By leaving key and secret blank). Didn’t work. Tried to create the yahoo app by following this guide, with same result. This is the error message:

{
  "error": "invalid_request",
  "error_description": "InternalOAuthError: failed to fetch user profile (status: 403 data: {\"error\":{\"@lang\":\"en-US\",\"@uri\":\"http://yahoo.com\",\"description\":\"Access forbidden for the user as cookie validation failed\",\"detail\":\"Access forbidden for the user as cookie validation failed\"}})"
}

Update:

I also tried it in incognito mode with the same yahoo user and got the same error.
error

Update: The issue was reproduced and was reported so that it can be reviewed and addressed; however, at this time there is not a specific timeline for resolution. The issues seems to be related to some changes on Yahoo side as others also experienced the same and may require bigger changes instead of just being a quick fix.


I did a quick tests both with the Auth0 dev keys and by also creating my own app as stated in the guide you mentioned; in both situations I could not reproduce the issue. This could have been either a temporary issue or it’s user specific.

An online search for the error message also shows a couple of hits so it suggests this might be on the Yahoo end of things. I would suggest you to try to reproduce the issue in Incognito mode with the same user and also if possible try to login with a different user.

Thank you @jmangelo. You suggested trying with a different user. Do you mean a different yahoo user or Auth0 user?

Thank you @jmangelo. You suggested trying with a different user. Do you mean a different yahoo user or Auth0 user?

A different Yahoo user to check if it can be related to anything on the profile of the user you’re trying to use. I did my tests with a user that I created specifically for the test as I did not have an existing Yahoo user.

I created a brand new Yahoo user, and tested in incognito. Same problem.

Ok, thanks for trying all the above. I was now also able to reproduce the situation (I was doing my tests against a build that did not match exactly what’s deployed and due to that it was working). I’ll report this situation internal and will update this post with more information when I have it.

Any updates with this issue?

Any updates with this issue?

At the time I reproduced the issue the root cause was not immediately visible so I had to report the issue for further investigation but I’m afraid it might not received the desired attention and I also forgot to keep pushing it so at this time there is no meaningful update. I’ll raise the awareness about this situation again; thanks for reminding me of this.

I had this working last week. No changes but today the same message as the poster.

I’ve tried multiple yahoo accounts and I also tried different yahoo permissions (Contacts > Read) (Profile → Public Profile Read) same producing the same result.

Please let me know if there’s anything else we can try.

I had this working last week. No changes but today the same message as the poster.

I’ve tried multiple yahoo accounts and I also tried different yahoo permissions (Contacts > Read) (Profile → Public Profile Read) same producing the same result.

Please let me know if there’s anything else we can try.

I updated the answer the current status for this situation. The issue does not seem related to the permission you ask for, in some cases I’ve only seen the issue happening if you have to actively authenticate with Yahoo. If you already had a session and only had to provide consent then things would work as before.

@harald.andertun @isaac.r.levin @amp9020 we are in the final stages of reviewing this situation so that it can be addressed. However, I was doing some quick tests yesterday with the current state of things and could no longer reproduce the original situation. Can any of you confirm if you still experience the same exact issue? On my tests Yahoo presented me with a slightly awkward consent screen from an UI perspective, but I was still able to complete the authentication through Auth0 and did not had the same error as before.

@jmangelo Yep, it works now. Not sure what happened in the past. Maybe Yahoo corrected the error.

@jmangelo Yep, it works now. Not sure what happened in the past. Maybe Yahoo corrected the error.

Thanks for the update; yeah, I personally think Yahoo broke/changed the requirements for OAuth1 support while rolling out OAuth2 and now they reverted the change that caused an issue with OAuth1, but just guessing here.

Using the yahoo mail for iPhone, where I currently have 3 userids, when I try to add another user account, I get the cookie validation error message (what’s worse it says failed instead of failed)