Receive 500 error on token refresh


With no changes in our software, for the last couple months, we will sometimes get a 200 error, and sometimes get a 500 error when trying to refresh tokens for one of our tenants

Sample python script:

import requests
payload = '{"grant_type": "password", "scope": "offline_access", "username": "USER", "password": "PASSWORD"}'
headers = {"Content-Type": "application/json"}
endpoint = ''
r =, headers=headers, data=payload)


And relevant log summary from the Auth0 “logs” section:

Is this an auth0 error, or is there some custom code that we are running somewhere on refresh that causes this, which I could fix? We don’t have any “hooks” set up…

Hi @teddyward,

Welcome to the Community!

Would you DM me your tenant name so I can take a look at the log?


Hi @dan.woda!

Thanks for the response! I dm’ed you! I will try to follow up here if we reach a resolution so that other people experiencing the same problem can potentially learn from it.


1 Like

I responded in the DM but I am going to respond here as well.

Can you try to turn off your rules, then run through a login with user and see if you still get the error?

1 Like

Hi Dan!

Thanks for your help!!!

That did indeed allow me to narrow down the error. I now know that it is caused by one of my rules, and that specifically it is caused by the Authorization extension timing out. Part of one of my rules requests the user groups via:

and I had a timeout set for 5 seconds.

This made me realize that when I changed the storage backend to s3, I hadn’t realized how significantly this slowed down our authz process. So I’ve switched back to webtask storage, which I think will solve the issue.

Thank you!!!


Glad you were able to figure it out. Thanks for the update too!


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.