Invalid grant for user signup

shola.agunbiade · June 22, 2023, 3:17pm

{“error”:“invalid_grant”,“error_description”:“Wrong email or password.”}

I’m testing new user signups and facing the error above when testing a new user signup which sends a POST request with the payload below. The issue seems to be environment related as exact same request and payload works fine in another environment under the same auth0 account. What could cause this error?

{
“client_id”: “",
“username”: "”,
“password”: “",
“realm”: "”,
“grant_type”: “http://auth0.com/oauth/grant-type/password-realm”,
“scope”: “openid email profile”,
“audience”: “",
“redirect_uri”: "”
}

rueben.tiow · June 23, 2023, 12:47am

Hi @shola.agunbiade,

Welcome to the Auth0 Community!

To better understand the issue, could you please share the exact steps and code you performed so far?

At the moment, I do not have context of where the POST request is going to.

I look forward to your udpate.

Thanks,
Rueben

rueben.tiow · June 23, 2023, 4:08pm

Hi @shola.agunbiade,

I have an update!

The “Wrong email or password” error description is stating that the issue is coming from either a wrong email or password. (Reference: Invalid_grant error code received instead of documented error codes - #7 by thomas.osborn)

Because of this, I decided to test the Password-realm grant type on my end. In my tests, I could successfully get an access token with the following code:

const axios = require('axios');
const qs = require('qs');
let data = qs.stringify({
  'grant_type': 'http://auth0.com/oauth/grant-type/password-realm',
  'client_id': 'YOUR_CLIENT_ID',
  'client_secret': 'YOUR_CLIENT_SECRET',
  'audience': 'YOUR_AUDIENCE',
  'username': 'YOUR_EMAIL_ADDRESS',
  'password': 'YOUR_PASSWORD',
  'scope': 'openid email profile',
  'realm': 'Username-Password-Authentication' 
});

let config = {
  method: 'post',
  url: 'https://YOUR_DOMAIN.REGION.auth0.com/oauth/token',
  headers: { 
    'Content-Type': 'application/x-www-form-urlencoded'
  },
  data : data
};

axios.request(config)
.then((response) => {
  console.log(JSON.stringify(response.data));
})
.catch((error) => {
  console.log(error);
});

Then, the only way I could reproduce the"Wrong email or password" error is if I passed in an incorrect email address or password.

Given that, could you please make sure you are passing the correct email address and password values in the request?

After doing so, you should be able to make the request using the Password-realm grant.

Please let me know how this goes for you.

Thanks,
Rueben

shola.agunbiade · June 23, 2023, 4:49pm

Hi @rueben.tiow, thanks for following up. In my case I’m testing new user signup so email and password are provided for the first time at this stage.

I’ll follow up and this point of the documentation “or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request”. Perhaps is issue is with the redirection.

rueben.tiow · June 26, 2023, 4:47pm

Hi @shola.agunbiade,

Thank you for your reply.

Would you be able to help me capture a HAR file of your login events and share them with me via direct messages to investigate the issue further?

Thanks,
Rueben

system · July 10, 2023, 4:47pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Invalid_grant error code received instead of documented error codes Help custom-database	5	13507	January 4, 2020
Invalid_grant error while using Password Flow Help auth0 , login	2	2481	May 11, 2023
Got undocumented "invalid_grant" error code when calling Authentication API with invalid password Help login	1	7289	January 4, 2020
Oauth/token responds with error": "invalid_grant", "error_description": "Invalid username or password" for Azure AD Help auth0 , login , azure-ad	8	7777	March 9, 2020
node-Auth0 authenticationclient passwordgrant invalid signature error Help apis , application	0	1260	November 17, 2022

Invalid grant for user signup

Related topics