Next.js Vercel access_denied (unauthorized)

Bug report


@auth0/nextjs-auth0”: “1.3.1”,
“next”: “latest”,
“react”: “17.0.2”,
“react-dom”: “17.0.2”,
“typescript”: “^4.3.3”

This is running on node 14.

my directory is pages/api/auth/[…auth0].ts

[…auth0].ts contains:

import { handleAuth } from '@auth0/nextjs-auth0';

export default handleAuth();

After signing on with google or twitter, it returns to the https://domain/api/auth/callback
and I get the following error message:

access_denied (Unauthorized)

I do not get that error in my local environment, everything works there. I am hosting with Vercel and get this error in that hosting environment. It’s possible that there is some kind of .env secret that is miss configured. Or that the server less function calling this is not passing something correctly to Auth0.

I really need some help on this, so any advice is greatly appreciated.

Hi @blazestudios23,

Welcome to the Community!

We have an FAQ that might be related to this error:

Also, I found this Github issue in the nextjs-auth0 repo. In this case, the social connection did not work because of the env vars that were configured:

Hopefully, those resources will help you get past the error!

I’ve already read both of these and neither resolved the issue that I’m facing.

I found the issue. I had:

AUTH0_SCOPE= "openid email profile"

in Vercel.

Changing it to:

AUTH0_SCOPE=openid email profile

Fixed the problem.

The issue was caused by quotation marks in the environment variable.


Glad to hear you were able to resolve it. Thanks for sharing your solution!