Error message: 'Redirection is not available on /oauth/token endpoint'

Problem statement

When using the embedded login with a web application and we are encountering an issue that we cannot pinpoint or find answers online. Basically we are getting:

  error: 'invalid_request',
  error_description: 'Redirection is not available on /oauth/token endpoint.'

This is what we are sending through, as per the examples:

  "client_id": "...",
  "client_secret": "...",
  "grant_type": """,
  "username": "******",
  "otp": "*****",
  "realm": "email",
  "audience": "https://*****"",
  "scope": "openid profile email"

However, this is always resulting in the error. This is occurring for both registered and brand new users. We cannot find where the reference to “redirect” is coming from.


  • The ‘Redirection is not available on /oauth/token endpoint’ error commonly occurs when there is a redirect within Actions or Rules occurring on a flow that does not allow for a redirect, for example during a refresh token exchange.


In these scenarios, we recommend including some logic to bypass the redirection within the Rule or Action based on the protocol being used. For example:

function adhoc(user, context, callback) {
  if (context.protocol === "oauth2-refresh-token") {
    //skip the redirect for Refresh Token flow
    return callback(null, user, context);
  // other logic before redirect
  context.redirect = {
    url: """
  return callback(null, user, context);
1 Like