Redirection is not available on /oauth/token endpoint

Hello.

Currently, I’m working on a process for linking accounts from different providers, but at some point in the process it sends a POST to https://{yourDomain}/oauth/token to refresh the token, and it returns a 400 Bad Request status code with the error message “Redirection is not available on /oauth/token endpoint.” I checked the documentation (API reference, Authentication API Explorer) and I’m including the same request body, and I still get the same error.

Does somebody know why I’m getting this error?

I’m guessing you have a redirect in your login flow which is also run when a token is refreshed.

Yep, that can be the thing. Can you actually check that, @fernandat? Thank you!

We are running into a similar issue. Given a user with a google-oauth2 connection, triggering a /passwordless/start with the same email account returns the email code.

When we use the received email code in the /oauth/token call, with http://auth0.com/oauth/grant-type/passwordless/otp as grant_type, we can see on Auth0 a new user with that email connection, but that first /oauth/token call always returns

Redirection is not available on /oauth/token endpoint.

EDIT: also note - this only seems to happen for the initial /oauth/token call. Subsequent calls seem to work for the same account, and then we can link the email account with google-oauth2.

Hi, I am facing the same issue when trying to get a new access token with a refresh token. What could be the possible solution?

Do I need to add rules to bypass it?

Our team frequently answers questions like this one.

The error you’re encountering usually happens when a redirect is triggered within an Action during a trigger that doesn’t allow redirects, such as during a refresh token exchange. The solution is to add logic to bypass the redirect in these cases.

See documentation for more details:
Redirection is not available on /oauth/token endpoint

Hope this helps
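The bypass described in the answer above, sketched as a post-login Action (an added example, not part of the original thread and not Auth0's own code). The protocol list, `LINKING_URL` and the `linking_prompted` metadata flag are assumptions for illustration; confirm the `event.transaction.protocol` value your failing request reports in the tenant logs.

```javascript
// Assumption: these event.transaction.protocol values mark grants served by
// /oauth/token, where no browser is present to follow a redirect.
const NON_INTERACTIVE_PROTOCOLS = new Set([
  "oauth2-refresh-token",  // refresh token exchange
  "oauth2-resource-owner", // resource-owner style grants
  "oauth2-password",
]);

// Hypothetical destination for the account-linking prompt.
const LINKING_URL = "https://app.example.com/link-accounts";

// Decide whether this transaction may be redirected at all.
function shouldRedirect(event) {
  const protocol = event.transaction && event.transaction.protocol;
  // Unknown or token-endpoint flows: never redirect, the call would fail with
  // "Redirection is not available on /oauth/token endpoint."
  if (!protocol || NON_INTERACTIVE_PROTOCOLS.has(protocol)) return false;
  // Hypothetical flag: only prompt users who have not been through linking yet.
  const meta = (event.user && event.user.app_metadata) || {};
  return meta.linking_prompted !== true;
}

async function onExecutePostLogin(event, api) {
  if (!shouldRedirect(event)) return; // let the token exchange complete
  api.redirect.sendUserTo(LINKING_URL);
}

// Runs when the user returns from the redirect; record that the prompt happened.
async function onContinuePostLogin(event, api) {
  api.user.setAppMetadata("linking_prompted", true);
}

// Auth0 Actions load handlers from exports; the guard keeps the file loadable elsewhere.
if (typeof module !== "undefined" && module.exports) {
  module.exports.onExecutePostLogin = onExecutePostLogin;
  module.exports.onContinuePostLogin = onContinuePostLogin;
}
```

If the redirect enforces a required step rather than an optional prompt, note that skipping it lets token-endpoint grants proceed without that step, so the requirement has to be enforced some other way for those flows.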
