Exchange Authorization Code Per Access Token Exception after authentication

I deployed a new version of our application last night and tested it. This morning when I went to log in, I received the following error message:

Server Error in ‘/’ Application.

Object reference not set to an instance of an object.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[NullReferenceException: Object reference not set to an instance of an object.] Auth0.Client.ExchangeAuthorizationCodePerAccessToken(String code, String redirectUri) +641 Pdi.Ordering.Admin.Web.Controllers.Timestamp.WebApi.Controllers.AuthenticationController.ExternalLogInCallback(String code, String state) in C:\Projects\pdi\src\Pdi.Ordering.Admin.Web\Controllers\AuthenticationController.cs:37 lambda_method(Closure , ControllerBase , Object[] ) +178

Nothing has changed my end, but the application just doesn’t load any more.

Is there anyone else with a similar experiance?

@pdi.azure I’m having the same issue.
Did you manage to to fix this?

I’m assuming it has something to do with Azure AD/ADFS connections and the email_verified setting because something related to that was deprecated May 18th.

This issue was resolved. The response I had from Auth0 support was:

An update on this situation; the error situation with the .NET application is most likely being caused by a failure to connect to the service due to the usage of deprecated TLS versions (https://auth0.com/docs/product-lifecycle/deprecations-and-migrations#legacy-tls-deprecation).

You can probably quickly force the use of TLS 1.2 by adding this code (System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;) at application startup as that should force TLS 1.2 before any attempt to call into the Auth0 service. However, you may also want to consider retargeting the web application to a .NET Framework that uses TLS 1.2 or above by default in addition to also consider upgrading Auth0 SDK versions.

I hope this resolves your issue as well.

1 Like

Thanks for sharing that with the rest of community!