Auth0 api returns errors due to cloudfare server?

Get Help
,
1

curl -v -H “User-Agent: Python-urllib/3.12” https://auth0.ourdomain.com/.well-known/jwks.json

  • Trying 104.18.43.182:443…
  • Connected to auth0.ourdomain.com (104.18.43.182) port 443 (#0)
  • ALPN: offers h2
  • ALPN: offers http/1.1
  • CAfile: /Users/prashanth9/opt/anaconda3/ssl/cacert.pem
  • CApath: none
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • TLSv1.3 (IN), TLS handshake, Server hello (2):
  • TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
  • TLSv1.3 (IN), TLS handshake, Certificate (11):
  • TLSv1.3 (IN), TLS handshake, CERT verify (15):
  • TLSv1.3 (IN), TLS handshake, Finished (20):
  • TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
  • TLSv1.3 (OUT), TLS handshake, Finished (20):
  • SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
  • ALPN: server accepted h2
  • Server certificate:
  • subject: CN=auth0.ourdomain.com
  • start date: Nov 4 07:26:24 2025 GMT
  • expire date: Feb 2 07:26:23 2026 GMT
  • subjectAltName: host “auth0.ourdomain.com” matched cert’s “auth0.ourdomain.com
  • issuer: C=US; O=Let’s Encrypt; CN=E7
  • SSL certificate verify ok.
  • Using HTTP2, server supports multiplexing
  • Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
  • h2h3 [:method: GET]
  • h2h3 [:path: /.well-known/jwks.json]
  • h2h3 [:scheme: https]
  • h2h3 [:authority: auth0.ourdomain.com]
  • h2h3 [accept: /]
  • h2h3 [user-agent: Python-urllib/3.12]
  • Using Stream ID: 1 (easy handle 0x7fe93e015c00)

GET /.well-known/jwks.json HTTP/2
Host: auth0.ourdomain.com
accept: /
user-agent: Python-urllib/3.12

  • TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  • TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  • old SSL session ID is stale, removing
    < HTTP/2 403
    < date: Tue, 18 Nov 2025 15:27:27 GMT
    < content-type: text/plain; charset=UTF-8
    < content-length: 16
    < x-frame-options: SAMEORIGIN
    < referrer-policy: same-origin
    < cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    < expires: Thu, 01 Jan 1970 00:00:01 GMT
    < x-content-type-options: nosniff
    < server: cloudflare
    < cf-ray: 9a087df21cdb5e60-EWR
    < alt-svc: h3=“:443”; ma=86400
    <
  • Connection #0 to host auth0.ourdomain.com left intact
    error code: 1010%
3

Hi @prashanth9 and welcome to the Auth0 Community!

Cloudflare is currently having an outage that is affecting multiple sites. I believe this will get resolved once their status is available again.

Thank you for your understanding!
Teodor.

4

I reported this same issue earlier.

Maybe related to Cloudflare outage, but I found that if I override the User-Agent header to something other than “Python-urllib/3.12”, it worked again.

+                uaheader = {"User-Agent": "Something"}

+                key = jwt.PyJWKClient(jwks_uri, headers=uaheader).\

+                    get_signing_key_from_jwt(token)
2 Likes
5

Yes, this solution works and we’ve made our auth0 user-agent a configurable env var for future.