Problem with access token refresh only on some IPs

Hi, I am successfully using Auth0 for the access token management for the api I created. For a few days a customer has been reporting to me about problems related to refreshing the access token using refresh token. Instead of returning the new access token it returns 401. unauthorized, while if you make the call through Postman everything works fine.

I have checked everywhere for the past 2 days, but still haven’t been able to fix the problem.
One of the ip used is “136.143.190.43”, in particular it is part of the American server farm of “Zoho CRM”.
Has anyone already encountered a similar problem?

I also changed an application from “Regular Web Application” to “Machine to Machine” and now I can’t restore the previous category anymore. is it possible to do it somehow?

Thank you

1 Like

Hi @sw11,

Welcome to the Community!

It’s possible that you are running into an issue with brute force protection.

You can whitelist the IP in your dashboard’s anomaly detection settings.

Hello,
Thanks for the reply.
I think it is not related to brute force protection as one of the first tests I carried out was to deactivate this protection.
Also, after re-enabling it, I whitelisted the entire affected subnet.

The main problem is that I don’t even get a connection log from addresses that are having trouble authenticating.

Yesterday I talked to the person affected by the problem and had their firewall system checked, so in the meantime I would say to keep this issue pending.

I’ll get back to you in case the firewall check fails

Thank you

1 Like

Sounds good. Let us know and we can resume.

Good morning,
the user asked me to whitelist the following ip’s

136.143.190.43 - 136.143.190.45
8.39.54.43 - 8.39.54.45
204.141.42.43 - 204.141.42.45

but, if I am not mistaken there should be no limitations on the ip accessing the auth0 portal for the token exchange.

How could I force a whitelist for these 9 ip addresses?

Thank you

Can you please DM me the name of the affected tenant?

Hi, Message sent

Thanks

1 Like

Replied. We can work through a few things via DM and then I will update this thread with a resolution.