403 Client Error: Forbidden for url {domain}/oauth/token

General
,
#1

Hello! I am working with a django website that has just entered production via heroku hosting. After going into production I had to update Client ID and Secret for the google-oauth connection. Upon doing so, my login seemed to break.

Here is some additional info:

  • It works fine when hosted locally
  • It worked fine on heroku before adding the production Client ID/Secret from google

When I go to /login/auth0 it begins a redirect loop due to not being able to get to /oauth/token. When I hit “retry” on the error page, it gets to the actual error. This is pictured.

cmd_blueDDlOjf
cmd_blueDDlOjf1903×1017 131 KB

cmd_jm8BTPDtfu
cmd_jm8BTPDtfu1903×1017 100 KB

firefox_yyMdlMDu0m
firefox_yyMdlMDu0m1892×363 28.6 KB

In development I was really enjoying the prospect of using auth0, but I am at a bit of a wall here. Any help at all would be greatly appreciated. If any additional information is needed please let me know.

#3

Hi @beekeeper,

Welcome to the Community!

Are you mixing up the application client ID and secret (found in the Auth0 dashboard), and the google login client ID and secret (found in the google developers console)?

#4

Fair question! The google client ID that I just updated is the one on this page (redacted for security):

firefox_CYRcmNIzZk
firefox_CYRcmNIzZk1362×837 39 KB

When I run the test on this page it says it works. My application has the client ID/secret from the Auth0 dashboard still properly connected.

#5

Yes, those would be the credentials I was referring to. It sounds like both are configured correctly, that is good. :grinning_face_with_smiling_eyes:

Can you find a log that corresponds to the error and DM it to me?