403 Client Error: Forbidden for url {domain}/oauth/token

Hello! I am working with a django website that has just entered production via heroku hosting. After going into production I had to update Client ID and Secret for the google-oauth connection. Upon doing so, my login seemed to break.

Here is some additional info:

  • It works fine when hosted locally
  • It worked fine on heroku before adding the production Client ID/Secret from google

When I go to /login/auth0 it begins a redirect loop due to not being able to get to /oauth/token. When I hit “retry” on the error page, it gets to the actual error. This is pictured.

In development I was really enjoying the prospect of using auth0, but I am at a bit of a wall here. Any help at all would be greatly appreciated. If any additional information is needed please let me know.

Hi @beekeeper,

Welcome to the Community!

Are you mixing up the application client ID and secret (found in the Auth0 dashboard), and the google login client ID and secret (found in the google developers console)?

Fair question! The google client ID that I just updated is the one on this page (redacted for security):

When I run the test on this page it says it works. My application has the client ID/secret from the Auth0 dashboard still properly connected.

Yes, those would be the credentials I was referring to. It sounds like both are configured correctly, that is good. :grinning_face_with_smiling_eyes:

Can you find a log that corresponds to the error and DM it to me?