Custom Social Connection OAuth Token Error

I’m trying to set up a custom social connection with Patreon, but I’m running into an error. It seems like the error is on Patreon’s side, because all of the settings in my custom social connection look right to me, and I’m getting back the following error from the Patreon API’s token url (

  "statusCode": 403,
  "data": "{\"error\":\"invalid_grant\",\"error_description\":\"Invalid authorization code\"}"

I’ve raised this issue with Patreon support, but I am posting here because I can’t see or edit the request that Auth0 is making to the Patreon API’s Token URL, so I want to make sure that it is correct and matches the Patreon OAuth documentation.

As far as I can tell, the auth code generated by Patreon’s Authorization URL is correct, and it is passed back to, which redirects to{code} and that is the page where I see the invalid_grant error.

So it seems like either the code from the Patreon API is incorrect/expired, or it is not passed correctly to the Token URL as a request in the following form:

  code=<single use code>
  &client_id=<your client id>
  &client_secret=<your client secret>

Since I can’t inspect the request Auth0 is making, I’m posting this to ask if the Token URL request that Auth0 makes matches this format, as specified in the Patreon docs.

I’m also open to any suggestions or ideas on how to debug this Custom Social Connection, or what I might be doing wrong that’s preventing it from working.

Thank you!

Hi josiah.sprague, and welcome back to the community! :partying_face:

I tried configuring a custom social connection using Patreon for me and it successfully created a new user, so I assume our custom social connection extension is using that format (which is the standard oauth2 format for a token request).

I wish I could be more helpful! Maybe you need to use API v2 for Patreon? When I configured my client on Patreon’s side, I did API v2.

Also might be worth triple checking everything — that the code and authorize URLs are correct, and the list of allowed callbacks are the callbacks you are trying.

Also, if you’re currently trying this by doing the test button, try also doing it in the universal login page.