New setup getting a vague error

david.richard · January 19, 2026, 6:31pm

Setting up a demo, getting login failure. I followed all of the instructions to get up a new application, everything is in place, but when the Authn request is made to Auth0, I get a non-descriptive error: “type”: “f”, “error”: {
“oauthError”: “invalid_request”,
“type”: “request-error”
},

I’m not sure what to do next. Everything the AI helper is saying is not really an issue, and I don’t know what is invalid about the request. I do have it signed, and the cert that I set up in the Application is the same one on my end.

The SAML implementation is custom on this end, so I can check/adjust anything. But with a vague error, I’m not sure what is wrong? Any ideas?

Thanks.

david.richard · January 19, 2026, 7:37pm

Here’s an example of my request (there’s noting sensitive here):

<?xml version="1.0" encoding="UTF-8"?>                                                                                                                                                     
  <AuthnRequest xmlns="urn:oasis:names:tc:SAML:2.0:protocol" ID="_f26c757a-5d2d-4e4c-b534-8f66066d4530" Version="2.0" IssueInstant="2026-01-19T19:26:45Z"                                    
  Destination="https://dev-eectp3yvmhkxogwn.us.auth0.com/samlp/bZgtijsTG5bBtsri358KYnysEEwUA0Cq"                                                                                             
  AssertionConsumerServiceURL="https://api-via.dev.vaultara.com/station/saml/acs/27b8b8f2-8125-4cb8-8f9c-41a64604c5aa" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">     
  <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://station.dev.vaultara.com/saml/27b8b8f2-8125-4cb8-8f9c-41a64604c5aa</Issuer>                                                  
  <NameIDPolicy xmlns="urn:oasis:names:tc:SAML:2.0:protocol" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" AllowCreate="true"></NameIDPolicy>                              
  </AuthnRequest>

It’s not signed, and I haven’t uploaded a cert to Auth0. Also, the user (mine) is already logged in, and authorized for this app. There’s no place to put Issuer/EntityId, but the callback URL is correct.

What next to check?

Thanks,

david.richard · January 19, 2026, 7:43pm

Finally, one more observation - I am getting two hits to the log in the Web UI - the second has my client Id, the first doesn’t. Otherwise they are exactly the same.

david.richard · January 19, 2026, 8:07pm

Found the issue - looks like the problem was on my end. Spaces in the request not properly encoded to base64.

Blaming Claude for it.

Thanks!

gerald.czifra · January 19, 2026, 11:04pm

Hi @david.richard

Welcome to the Auth0 Community!

Thank you for sharing this with the Community, I’m glad to hear that you’ve found the fix for the issue!
Wanted to add some more details here in case others encounter a similar issue of “oauthError”: “invalid_request”, “type”: “request-error”, this can usually indicate that the SAML Request is not valid in some way. You can use tools such as https://www.samltool.io/ to analyze a SAML Token and troubleshoot the issue.

Just to have these handy as well, I will share some documentations that could further help:

Please do not hesitate to reach out to us for any other issue or requests.

Have a great one!
Gerald

Topic		Replies	Views
Auth0 SAML authentication request not working Get Help saml , authentication	1	4147	March 2, 2018
Troubleshooting generic 'Oops' error page (invalid_request) with SAMLP Identity provider connection Get Help login , error , callback-urls , samlp , connection	9	8407	March 2, 2018
Unauthorized: Invalid Request Get Help connections , oidc-enterprise-connection	4	1036	January 24, 2024
Auth0 as SAML service provider - Sample SAML response from identity provider Get Help	0	1222	October 6, 2022
SSO "failed to obtain access token" auth0 Get Help sso	2	5614	December 26, 2021

New setup getting a vague error

Related topics