500 INKApi Error

Problem Statement

When authenticating the user, the https://<AUTH0_DOMAIN>/login/callback?connection=; ACS URL is giving 500 internal server error and authentication fails.

Symptoms

When inspecting the error URL in the developer tools, the status code 500 INKApi Error is returned in Response Headers.

Steps to Reproduce

  1. Initiate the authentication from the application
  2. Login with user and identity provider
  3. The callback URL throws an error

Troubleshooting

To troubleshoot the issue, begin by using the browser’s developer tools to capture the full network trace. Inspect the errored URL and check the response headers received from the server.

If you can confirm that your network is using Apache Traffic Server (ATS) to sniff on SSL traffic, you need to check its error logs to identify what is causing the issue.

Cause

The 500 INKApi Error is not something returned from Auth0. This error is returned from a service called Apache Traffic Server (ATS). It is used to intercept TLS traffic (decrypt, possible analysis and encrypt the response). If your network uses a Proxy that utilize Apache Traffic Server (ATS), you might encounter this issue.

Solution

Configure your proxy server and the Apache Traffic Server (ATS) AllowList your Auth0 Domain so ATS would not try to perform any analysis of TLS traffic.