Error Sending Email - Invalid Login: 534-5.7.9 Application-Specific Password Required

Problem statement

When using Gmail as an SMTP email provider, the error Invalid login: 534-5.7.9 Application-specific password required is seen in tenant logs, and emails are not sent.

Cause

This issue is caused by Multifactor authentication enabled for the account used in the email provider settings. The authentication cannot be completed as it is not an interactive flow.

Solution

This error is Google rejecting the credentials set up in the email provider settings due to the account having 2-factor authentication enabled. In this scenario, an “Application specific password” is required to allow Auth0 to login to the Gmail SMTP account to send emails programmatically.

  • This Google Support answer reviews how to set up an application-specific password in Google.
  • Using an application-specific password in the tenant’s email provider settings should resolve the error.