Auth0 NextJS Token Exchange 400 unauthorized

I’m trying to set up my web application in a production environment.

This is working perfectly fine in development, and I’m unable to see any difference in settings between environments.

The initial login request contains the client id
https://[DOMAIN]/authorize?client_id=&scope=openid%2520profile%2520read%3Ashows%2520offline_access&response_type=code&redirect_uri=https%3A%2F%2F{DOMAIN]%2Fapi%2Fauth%2Fcallback&audience=https%3A%2F%2Fapi.[DOMAIN]&prompt=login&nonce=…

Fails when it successfully logs in with 400 error

https://{DOMAIN}/api/auth/callback?code=…&state=…

```json
{
  "date": "2024-12-05T17:11:13.489Z",
  "type": "feacft",
  "description": "Unauthorized",
  "connection_id": "",
  "client_id": null,
  "client_name": null,
  "ip": "34.34.248.84",
  "user_agent": "Other 0.0.0 / Other 0.0.0",
  "details": {
    "code": "******************************************Lck"
  },
  "hostname": "[TENNANT]",
  "user_id": "",
  "user_name": "",
  "auth0_client": {
    "name": "nextjs-auth0",
    "version": "3.5.0",
    "env": {
      "node": "v20.17.0"
    }
  },
  "$event_schema": {
    "version": "1.0.0"
  },
  "log_id": "…",
  "tenant_name": "my-normative-production",
  "_id": "…",
  "isMobile": false,
  "originalData": {
    "date": "2024-12-05T17:11:13.489Z",
    "type": "feacft",
    "description": "Unauthorized",
    "connection_id": "",
    "client_id": null,
    "client_name": null,
    "ip": "34.34.248.84",
    "user_agent": "Other 0.0.0 / Other 0.0.0",
    "details": {
      "code": "******************************************Lck"
    },
    "hostname": "[TENNANT]",
    "user_id": "",
    "user_name": "",
    "auth0_client": {
      "name": "nextjs-auth0",
      "version": "3.5.0",
      "env": {
        "node": "v20.17.0"
      }
    },
    "$event_schema": {
      "version": "1.0.0"
    },
    "log_id": "…",
    "tenant_name": "[TENANT]",
    "_id": "…",
    "isMobile": false
  },
  "integrityRuleset": {},
  "id": "…"
}
```

I’ve tried changing auth token endpoint behaviour and that has no effect.

Any thoughts?

Hi @techadmin2,

Thanks for reaching out to the Auth0 Community!

After reviewing the error log you shared, the feacft error code refers to failing to exchange the authorization code for an access token.

This means that the request to your /oauth/token endpoint was not successful because of some variety of reasons that caused it to fail. For example, the code might have been used, invalid, or expired. The other possibility is if any of the parameters in the request, like the client_id and client_secret, are using incorrect values.

Thanks,
Rueben
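
A pre-flight check for the causes named in the reply above, as an added example that is not part of the original thread or of nextjs-auth0. The environment variable names are the ones nextjs-auth0 v3 reads; the `triage` function and all sample values are hypothetical and constructed for illustration.

```javascript
// Added example, not part of nextjs-auth0 or Auth0. All sample values are constructed.
// Env var names are the ones nextjs-auth0 v3 reads for its configuration.
const REQUIRED = ['AUTH0_SECRET', 'AUTH0_BASE_URL', 'AUTH0_ISSUER_BASE_URL',
  'AUTH0_CLIENT_ID', 'AUTH0_CLIENT_SECRET'];

// Returns a list of human-readable findings; an empty list means nothing was flagged.
function triage(env, authorizeUrl, logEvent) {
  const findings = [];
  for (const name of REQUIRED) {
    const v = env[name];
    if (!v) { findings.push(`${name} is missing or empty`); continue; }
    if (v !== v.trim()) findings.push(`${name} has surrounding whitespace`);
    if (/^(["']).*\1$/.test(v)) findings.push(`${name} is wrapped in literal quotes`);
  }
  const q = new URL(authorizeUrl).searchParams; // decodes each value once
  const clientId = q.get('client_id');
  if (!clientId) findings.push('authorize request carries an empty client_id');
  else if (clientId !== env.AUTH0_CLIENT_ID) findings.push('authorize client_id differs from AUTH0_CLIENT_ID');
  // A literal %20 left after one decode means the value was encoded twice.
  if ((q.get('scope') || '').includes('%20')) findings.push('scope is URL-encoded twice');
  const base = (env.AUTH0_BASE_URL || '').trim().replace(/\/+$/, '');
  if (base && !(q.get('redirect_uri') || '').startsWith(base + '/'))
    findings.push('redirect_uri is not under AUTH0_BASE_URL');
  // Heuristic (assumption): a feacft event with no client attributed points at the
  // client credentials sent to /oauth/token rather than at the code itself.
  if (logEvent.type === 'feacft' && logEvent.client_id == null)
    findings.push('feacft event has client_id null: check AUTH0_CLIENT_ID and AUTH0_CLIENT_SECRET');
  return findings;
}

// Constructed production-like inputs: the client ID has a trailing newline, as can
// happen when a value is pasted into a hosting dashboard, and the secret is unset.
const sampleEnv = {
  AUTH0_SECRET: 'x'.repeat(64),
  AUTH0_BASE_URL: 'https://app.example',
  AUTH0_ISSUER_BASE_URL: 'https://tenant.example',
  AUTH0_CLIENT_ID: 'abc123\n',
  AUTH0_CLIENT_SECRET: '',
};
const sampleUrl = 'https://tenant.example/authorize?client_id=&scope=openid%2520profile' +
  '&response_type=code&redirect_uri=https%3A%2F%2Fapp.example%2Fapi%2Fauth%2Fcallback';
const sampleEvent = { type: 'feacft', description: 'Unauthorized', client_id: null };

console.log(triage(sampleEnv, sampleUrl, sampleEvent).join('\n'));
```

Running it against the production environment's actual values, before a login attempt consumes a one-time code, separates configuration problems from a used or expired code.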
