Failed Cross Origin Authentication - Request to Webtask exceeded allowed execution

We have multiple Auth0 Regular Web Applications which all fail with the error below when a user tries to login. Nothing seems to have changed on our end, including the CORS and Allowed Web Origins settings on these web apps.

Our machine-to-machine applications are still able to successfully hit Auth0 to retrieve access tokens and use those to hit our APIs.

I’ve searched the community here but wasn’t able to find any results for the Webtask exceeded allowed execution error related to Cross Origin Authentication.

I’ve extracted some of the relevant information from the logs below

"type": "fcoa",
"description": "Request to Webtask exceeded allowed execution time",
"connection": "Username-Password-Authentication",
"error": {
  "message": "Request to Webtask exceeded allowed execution time",
  "oauthError": "access_denied",
  "type": "oauth-authorization"

Hi @jcordeiro,

Welcome to the Community!

The Request to Webtask exceeded allowed execution time error happens when a rule in a tenant either:

  1. takes too long to finish (e.g., calling an external API)
  2. is not calling the callback() function in every code path

Have you tried turning off each rule one at a time? It would probably help to narrow down which rule is causing the issue.


Hi @stephanie.chamblee,

Disabling the rules one at a time helped me find which rule was causing the issue. There was a call to an external API which was timing out. Fixing the external API call has resolved the issue and logging in is now working again.

Thanks for your help!


I’m glad to hear the issue is resolved!


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.