Failed Exchange : client_id seems to be null

pon9q9 · September 11, 2023, 3:10pm

I tried to login from next.js (using docker image), and I followed this instruction(Auth0 Next.js SDK Quickstarts: Login).
However, the login operation doesn’t work. Log seems to say that Failed Exchange Error occured, and the request doesn’t contain client_id. When I send a request to login(http://localhost:3000/api/auth/login), login page appeared correctly, but after submitting the form

Error 400 appeared with the callback address (http://localhost:3000/api/auth/callback/?code=52AzR_5POGs-gBRZx6GTdEbRu2tQ4LlvOc8E2V11V-U6s&state=eyJyZXR1cm5UbyI6Imh0dHA6Ly9sb2NhbGhvc3Q6MzAwMCJ9).
How can I fix this?

rueben.tiow · September 11, 2023, 7:44pm

Hi @pon9q9,

Welcome to the Auth0 Community!

It looks like this was answered in a similar Community Post:

If you found this post helpful or interesting, please give it a like . Your interaction makes a difference. Have a wonderful day!

Thanks,
Rueben

Want to join our next Community Interactive Q&A with our experts? This time we’re gonna talk about Auth0 Terraform Provider

pon9q9 · September 11, 2023, 11:25pm

Rueben, thank you for your advice. I’ve already tried that way but it didn’t work. I also tried to change “Grant_types” to exclude “Client Credentials” (Success Login and a Failed Exchange - #9 by sagun786) but nothing happene

d.

pon9q9 · September 11, 2023, 11:34pm

It is strange that this “Failed Exchange” always follows a “Success Login” log, and when I have “Success Login”, client_id works. It suggest that login part succeed but exchange part failed. The error on Google Chrome is this, and the code on […auth0].js is this. Please tell me if I can show any other information.

rueben.tiow · September 13, 2023, 5:10pm

Hi @pon9q9,

Thank you for your responses.

I have just looked carefully into the feacft log event type and found that this error happens when it failed to exchange the authorization code for a token.

I was able to reproduce this error when I passed incorrect values for either the client_id, client_secret, or domain in the request.

In this case, could you please make sure that you are exchanging your authorization code for a token with something like the following and making sure all the values are correct:

curl --request POST \
  --url 'https://{yourDomain}/oauth/token' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=authorization_code \
  --data 'client_id={yourClientId}' \
  --data 'client_secret={yourClientSecret}' \
  --data 'code=yourAuthorizationCode}' \
  --data 'redirect_uri={https://yourApp/callback}'

Please let me know how this goes for you.

Thanks,
Rueben

pon9q9 · September 14, 2023, 1:28am

I really appreciate your great suppport, Rueben.
Actually I found my mistake and the problem solved. My AUTH0_SECRET is for another application and that cause this problem. Your generous support really helps me and makes me love auth0 more. Thanks a lot!

rueben.tiow · September 14, 2023, 4:51pm

Hi @pon9q9,

You’re most welcome!

I’m glad you were able to solve it by passing in the correct client_secret in the request!

Please let us know if you have any additional questions.

Thanks,
Rueben

system · September 28, 2023, 4:51pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.