"403: Forbidden" returned by /oauth/token

Hi @skot,

Thank you for sending over the HAR file.

After inspecting your HAR file closely, I found that it did not capture the events leading up to the request to /oauth/token where you observed the 403 Forbidden error.

Generally, the 403 Forbidden error happens when the authorization code passed in the request is invalid, revoked, or expired. This is detailed in the RFC 6749 - The OAuth 2.0 Authorization Framework specification.

Looking further, I found that you also received an “access_denied” and “unauthorized” error. This could happen when your request passed an incorrect client_id or client_secret. You may also need to make sure that these values match the ones provided in your application settings in the Auth0 Dashboard.

Once that is complete, you can log in and obtain the access token.

If you have any further issues, please don’t hesitate to reach out.

Thank you.