Currently, I’m working with a process to linking accounts from different providers, but in some part of the process, It’s fetching POST to https://{yourDomain}/oauth/token to refresh token and It’s retrieven me 400 status code bad request and error message “Redirection is not available on /oauth/token endpoint.”. I checked the documentation API reference Authentication API Explorer and I’m including the same body request and I still get the same error.
We are running into a similar issue. Given a user with a google-oauth2 connection, trigger a /passwordless/start with the same email account, returns the email code.
When we use the received email code in the /oauth/token call, with http://auth0.com/oauth/grant-type/passwordless/otp as grant_type we can see on Auth0 a new user with that email connection, but that first /oauth/token call always returns
Redirection is not available on /oauth/token endpoint.
EDIT: also note - this only seems to happen for the initial /oauth/token call. Subsequent calls seem to work for a same account, and then we can link the email account with google-oauth2.
Our team frequently answers questions like this one.
The error you’re encountering usually happens when a redirect is triggered within an Action during a trigger that doesn’t allow redirects, such as during a refresh token exchange. The solution is to add logic to bypass the redirect in these cases.