ASP.Net Owin Quick Start Access Denied Issue

Hello everyone,

This is a difficult question to ask as I know there must be an obvious answer. I am attempting just to get the ASP.Net OWIN Quick Start working locally on my machine : Auth0 ASP.NET (OWIN) SDK Quickstarts: Login. I’ve downloaded the sample, made the appropriate web.config URI updates, verified that callback and logout urls were added to the Auth0 application + ensured proper grant types. The Auth0 application does use Universal Login, but I don’t think that plays into the issue I am seeing.

When I simply run the sample application on localhost, click login, I can see that the application redirects to Auth0, but quickly returns via the /callback uri with the following error:

“date”: “2022-03-12T19:23:23.028Z”,
“type”: “f”,
“description”: “Cannot read property ‘ServiceMessage’ of undefined”,
“connection_id”: “”,
“client_id”: “{ourclientid}”,
“client_name”: “HRCI Marketing”,
“ip”: “{return ip}”,
“user_agent”: “Chrome 99.0.4844 / Windows 10.0.0”,
“details”: {
“body”: {},
“qs”: {
“client_id”: “ourclientid”,
“redirect_uri”: “https://localhost:44359/callback”,
“response_type”: “code id_token”,
“scope”: “openid profile”,
“state”: “OpenIdConnect.AuthenticationProperties=mtD2NTepyUizhmOcRVpMrgcKiGSOgt1OjHwDuX-uWRpY4uCihHs2ZE_ktHbU7bBefFFGzUxuEcT2wa2R9nnL60cETFFE9r4IE4wvCoLb4iY-B56HYZVbqKbf7YvWuZX2-a0u5Qy5mi8kTxZpYpn6zVjDNqy0A3SK6uzJwDhS4mA7rFi_ncaBVXmF1mWPqEg8”,
“response_mode”: “form_post”,
“nonce”: “637827097337262293.NzJiODgyOWMtMjgxYS00NWU5LWI5NmItMGY5NzkyM2RkMDI0MzJlM2UxM2QtMzI0ZC00Njk5LWFjNjQtM2UyNTE3NDUxYmI1”,
“x-client-SKU”: “ID_NET461”,
“x-client-ver”: “”
“error”: {
“message”: “Cannot read property ‘ServiceMessage’ of undefined”,
“oauthError”: “access_denied”,
“type”: “oauth-authorization”
“session_id”: “Ioxw5vyua77dbvJjx5AVrHtA-TWPn-tg”
“hostname”: “”,
“user_id”: “auth0|622a6df48964b7007038c8ec”,
“user_name”: “”,
“audience”: “”,
“scope”: [
“log_id”: “90020220312192323500917766577033802649280273292260802562”,
“_id”: “90020220312192323500917766577033802649280273292260802562”,
“isMobile”: false

I think that I’ve verified everything is setup and whitelisted properly. The ‘ServiceMessage’ bit in the error message may be a clue, but I am not sure what that is. Can anyone offer some insight?

Many thanks,

Solved. This was related to an external connection I have to a database of users that suddenly wanted to deny access to all clients. The esoteric ServiceMessage error message was coming from that source.