Getting 401 UNAUTHORIZED on /oauth/token call Spring Boot

csira · June 26, 2023, 2:52pm

Using SpringBoot to evaluate using Auth0 for our setup and we get through most of the authentication process in the logs until it gets to the point of trying to call /oauth/token

At that point, we are getting back 401 UNAUTHORIZED

Note: the sample app seems to work just fine with the same server and configuration parameters, but we cannot determine why auth0 would be returning 401 error code for this call.

Start processing with input [code=owexrHqOpynPpfu7IG-9jig-tUBJbIWpcyQF3cnsdoe3D&state=NVq7-pWcfxtCM5xme7JDB6Y3YKjDVdDatWc4AP8xDnE%3D]
HTTP POST https://votedown.us.auth0.com/oauth/token
Accept=[application/json, application/*+json]
Writing [{grant_type=[authorization_code], code=[owexrHqOpynPpfu7IG-9jig-tUBJbIWpcyQF3cnsdoe3D], redirect_uri=[http://localhost:3002/login/oauth2/code/auth0]}] as "application/x-www-form-urlencoded;charset=UTF-8"
sun.net.www.MessageHeader@54352a858 pairs: {POST /oauth/token HTTP/1.1: null}{Accept: application/json;charset=UTF-8}{Content-Type: application/x-www-form-urlencoded;charset=UTF-8}{Authorization: Basic MXRTQ0NsRFBKc0lEREdYd2gzand0SmFoRTJONUFYTnA6JTNEdGFEdjRVUFdyRUR3ODFwY09NYzdHMWNaZTh6QjBIRm02QVpBUXhhVm1YazlXdm9UQzU3Q093VnF4TnppWHl3cg==}{User-Agent: Java/1.8.0_265}{Host: votedown.us.auth0.com}{Connection: keep-alive}{Content-Length: 155}
sun.net.www.MessageHeader@5786448125 pairs: {null: HTTP/1.1 401 Unauthorized}{Date: Mon, 26 Jun 2023 14:41:57 GMT}{Content-Type: application/json}{Content-Length: 60}{Connection: keep-alive}{CF-Ray: 7dd636d049d343c3-EWR}{CF-Cache-Status: DYNAMIC}{Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform}{Set-Cookie: did=s%3Av0%3A9a400790-142f-11ee-9010-3d579083fb35.PAbYu%2BbW3phmKzzbEVAOXlCD7vJlar3QGAFmqcjS%2BLQ; Max-Age=31557600; Path=/; Expires=Tue, 25 Jun 2024 20:41:57 GMT; HttpOnly; Secure; SameSite=None}{Strict-Transport-Security: max-age=31536000}{Vary: Origin}{ot-baggage-auth0-request-id: 7dd636d049d343c3}{ot-tracer-sampled: true}{ot-tracer-spanid: 290b6f672964277b}{ot-tracer-traceid: 265903064263393e}{Set-Cookie: did_compat=s%3Av0%3A9a400790-142f-11ee-9010-3d579083fb35.PAbYu%2BbW3phmKzzbEVAOXlCD7vJlar3QGAFmqcjS%2BLQ; Max-Age=31557600; Path=/; Expires=Tue, 25 Jun 2024 20:41:57 GMT; HttpOnly; Secure}{traceparent: 00-0000000000000000265903064263393e-290b6f672964277b-01}{tracestate: auth0-request-id=7dd636d049d343c3,auth0=true}{X-Auth0-RequestId: fc096012e214db03bb3f}{X-Content-Type-Options: nosniff}{X-RateLimit-Limit: 300}{X-RateLimit-Remaining: 299}{X-RateLimit-Reset: 1687790519}{Server: cloudflare}{alt-svc: h3=":443"; ma=86400}
Response 401 UNAUTHORIZED
Redirecting to /login?error

dan.woda · June 28, 2023, 6:55pm

Hi @csira,

Could you please share the code you are using to make the call? I’m seeing a Basic auth in the snippet you posted, and I don’t think that should be there.

system · July 26, 2023, 3:21pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.