Oauth/token endpoint returning access_denied, Unauthorized


I have one ‘Regular Web Applicaiton’ configured with three callbacks:

  1. https://synergy.us.webtask.io/auth0-authentication-api-debugger
  2. testing environment
  3. production environment

Our development was

  1. test with the Auth0 debugger extension — OK, able to get the bearer token
  2. test with our developer’s environment (just running on own machine to a test page) – OK, able to get the bearer token

However, when we added the third environment, the oauth/token endpoint consistently gives us

The authorize endpoint works fine, but the token endpoint just won’t return the bearer token when the redirect URI is pointing to the 3rd environment.

Any ideas?

We’ve found the issue. We kept hitting the problem with sample .NET code generated by Postman (using the Auth0 collection), but could get our token using the sample JQuery code.

It turns out the 105 version of RestSharp was causing the issue. Not sure how it communicated with the API that caused the API to return an access_denied, but upgrading to RestSharp 106 solved the problem.