Redirect loop and Failed Exchange error

warren.harrison · March 5, 2025, 9:37pm

I am in the process of testing a new Auth0 Tenant with Universal Login enabled with the goal of migrating our current application that uses a tenant with the Classic Login enabled. I have set up a custom domain and updated our app code to send the audience parameter when requesting access tokens (as explained in Configure Features to Use Custom Domains).

Login works as expected, most of the time. Sporadically, when logging in via the new tenant, I get stuck in a redirect loop in the browser. When this happens, looking at the Auth0 logs, I see a “Failed Exchange” error, with the data below, even though I am sending the tenant domain name as the audience.

It’s not clear to me why this is happening, even less why it’s not consistent.

Any help is much appreciated.

{
  "date": "2025-03-05T13:13:14.091Z",
  "type": "feccft",
  "description": "Service not enabled within domain: https://dev-auth.frac.at/api/v2/",
  "connection_id": "",
  "client_id": "xxxxxxxxxxxxxxxxxxx",
  "client_name": "Fractured Atlas",
  "ip": "192.24.155.116",
  "client_ip": "192.24.155.116",
  "user_agent": "Other 0.0.0 / Other 0.0.0",
  "hostname": "dev-auth.frac.at",
  "user_id": "",
  "user_name": "",
  "audience": "https://dev-auth.frac.at/api/v2/",
  "scope": null,
  "auth0_client": {
    "name": "ruby-auth0",
    "version": "5.18.0",
    "env": {
      "ruby": "3.4.1",
      "rails": "8.0.1"
    }
  },
  "$event_schema": {
    "version": "1.0.0"
  },
  "log_id": "90020250305131314410970000000000000001223372069716678222",
  "tenant_name": "fa-development",
  "_id": "90020250305131314410970000000000000001223372069716678222",
  "isMobile": false,
  "originalData": {
    "date": "2025-03-05T13:13:14.091Z",
    "type": "feccft",
    "description": "Service not enabled within domain: https://dev-auth.frac.at/api/v2/",
    "connection_id": "",
    "client_id": "xxxxxxxxxxxxxxxxxxx",
    "client_name": "Fractured Atlas",
    "ip": "192.24.155.116",
    "client_ip": "192.24.155.116",
    "user_agent": "Other 0.0.0 / Other 0.0.0",
    "hostname": "dev-auth.frac.at",
    "user_id": "",
    "user_name": "",
    "audience": "https://dev-auth.frac.at/api/v2/",
    "scope": null,
    "auth0_client": {
      "name": "ruby-auth0",
      "version": "5.18.0",
      "env": {
        "ruby": "3.4.1",
        "rails": "8.0.1"
      }
    },
    "$event_schema": {
      "version": "1.0.0"
    },
    "log_id": "90020250305131314410970000000000000001223372069716678222",
    "tenant_name": "fa-development",
    "_id": "90020250305131314410970000000000000001223372069716678222",
    "isMobile": false
  },
  "integrityRuleset": {},
  "id": "90020250305131314410970000000000000001223372069716678222"
}

vlad.murarasu · March 7, 2025, 8:56pm

Hi @warren.harrison,

Welcome to the Auth0 Community!

This post will clear things up:

If you are trying to make a request to your API, you need to use the APIs identifier which can be found here:

You are supposed to use your canonical domain instead of your custom domain.

If you have any other questions for us feel free to let us know.

Have a good one,
Vlad

Topic		Replies	Views
Help: server_error: Unable to issue redirect for OAuth 2.0 transaction Get Help login-experience , new-universal-login-experience	5	6673	February 28, 2023
Login with different Auth0 account Get Help	4	2462	September 3, 2020
Custom domain matching AUTH0_BASE_URL problem Get Help classic-universal-login-experience , login-experience	3	527	April 9, 2024
FailedExchange error when creating a sample Angular application using auth0-spa-js Get Help	3	2964	August 13, 2019
Failed Login : Unable to issue redirect for OAuth 2.0 transaction Get Help login-experience , signup-prompt-new-experience	4	610	October 18, 2023

Redirect loop and Failed Exchange error

Related topics