403 Client Error: Forbidden for url {domain}/oauth/token

beekeeper · January 6, 2021, 11:07pm

Hello! I am working with a django website that has just entered production via heroku hosting. After going into production I had to update Client ID and Secret for the google-oauth connection. Upon doing so, my login seemed to break.

Here is some additional info:

It works fine when hosted locally
It worked fine on heroku before adding the production Client ID/Secret from google

When I go to /login/auth0 it begins a redirect loop due to not being able to get to /oauth/token. When I hit “retry” on the error page, it gets to the actual error. This is pictured.

In development I was really enjoying the prospect of using auth0, but I am at a bit of a wall here. Any help at all would be greatly appreciated. If any additional information is needed please let me know.

dan.woda · January 6, 2021, 11:23pm

Hi @beekeeper,

Welcome to the Community!

Are you mixing up the application client ID and secret (found in the Auth0 dashboard), and the google login client ID and secret (found in the google developers console)?

beekeeper · January 6, 2021, 11:30pm

Fair question! The google client ID that I just updated is the one on this page (redacted for security):

When I run the test on this page it says it works. My application has the client ID/secret from the Auth0 dashboard still properly connected.

dan.woda · January 6, 2021, 11:37pm

Yes, those would be the credentials I was referring to. It sounds like both are configured correctly, that is good.

Can you find a log that corresponds to the error and DM it to me?

dan.woda · January 25, 2021, 8:48pm

Closing after two weeks of inactivity.

system · February 9, 2021, 8:48pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.