Getting "Invalid authorization code" only on one env and one account

  • Which SDK this is regarding: nextjs-auth0
  • SDK Version: 1.2.0
  • Platform Version: e.g. Node v14.15.5
  • Code Snippets/Error Messages/Supporting Details/Screenshots:

I’m trying to implement nextjs-auth0 to one of my Next.js apps.
I’ve followed the tutorial provided for the nextjs-auth0 library and added an afterCallback method that checks app_metadata properties.

I’m using a Google account to log in to an application.

Everything works like a charm on my local env, but I’m getting a following error on my staging environment.:
invalid_grant (Invalid authorization code)

I’m getting this error only for one account.
I can log in successfully to local and staging apps with other Google accounts.

For staging and local env I have used the same application (same client id and client secret).

What I have tried so far:

  • clearing cookies and cache
  • revoking the app in my users’s settings in Auth0
  • removing my user in Auth0
  • enabling Token Rotation with Reuse Interval set to 0 and 10

When I do a successful login then in Auth0 monitoring I can see 2 entries:

But when I log in to staging with this one particular account I get:

Both, successfull and failed logs share the same “code” in their Context Data.

What else can I try to fix this? :thinking:

1 Like