Auth code flow broken seemingly out of nowhere (lots of downdetector reports)

We noticed a couple hours ago that we could no longer authenticate using the Authorization Code flow. Instead of being redirected to localhost:39507 with the authorization code so that we can exchange it for the token, we are redirected to localhost:39507 with content that looks like:

error: "access_denied"
error_description: "actions-runtime execution request failed%3A rpc error%3A code %3D Internal desc %3D internal"
state: "83e25575-5604-4f55-8dda-d01a40d7169b"

Downdetector suggests that this may be an issue on your end which you are not aware of yet, so wanted to flag in case: https://downdetector.com/status/auth0/
All of our login flows that use auth0 started failing at once and we did not make any code changes we can connect to this error recently.

Thanks for any info / help you can give!

Seems to be resolved now, thanks!

We too experienced this exact issue at this moment in time. Thanks for sharing the details.

We also experienced this April 25th. The same thing happening for us right now.

same happening to us right now. no clear resolution. @ajv @zlee @babyyoda - any insights into the cause / solution?

No, I’ve raised a support ticket with Auth0 and they said they’re looking into it.

Our production tenant has recovered now, dev tenant is still throwing the same error.

Same here. It’s related to action execution so a potential workaround is to switch off any actions you have hooked up temporarily, if that is at all viable. That’s what I’ve just done on our account because we only utilise actions for adding custom claims which affect a small subset of users. If you’re not able to switch off actions then you’re probably out of luck until it’s resolved, though

Auth0 support got back to me - they suggested reverting the custom action from Node 18 (which is in beta for them) back to Node 16.

Yes had that same response, can confirm rolling back fixes the issue. If Node 18 isn’t considered ready for use I’d possibly add a stronger warning to that effect on this banner - especially when shown for an action hooked up to a production flow. Appreciate the runtime is still labelled as Beta, but Node 18 in general is in LTS and is stable, so I think it’s reasonable to assume upgrading would be incident free for all but the more complicated actions. Alternatively make the upgrade process a bit more than single-click (which could be done accidentally and there’s seemingly no way to revert).

I gave them the exact same recommendation. Why provide a strong CTA to upgrade at all

Hi, we are seeing the same issue as of 2 hours ago. I can’t see how to view what runtime it is using? It seems odd that it has just randomly broken.

We’re also experiencing the same issue as of 1-2 hours ago and we haven’t used node18 or made any changes to our environment recently.

Are there issues currently on auth0’s side?

You can see the runtime listed underneath the custom action name on its page. I couldn’t find any way to rollback the version to 16 as such, instead I created a new action in the 16 runtime and copy the code across, then replace the old action in the Flow.

Thanks I found the versions in the library and yes I have one on node 18 so I created a new action with node 16 and it works.

Nice to see this isn’t just me!!! I don’t want to have to migrate to Node 16 again, so i’ll wait it out. Hopefulyl they’ll sort out soon. They should update their status page though

we reverted to node 16 and are back.

Hey there everybody!

Yep it seems like we’re experiencing some outage. I will be updating you with information once I learn more about it. Thank you for your understanding!

More on that here:

https://status.auth0.com/incidents/l0vc09wd28j5

It is now marked as resolved on our status page that I shared above. Everything is either working normally now or will be working normally in a few moments. Thank you!