Regression: The .well-known/jwks.json file throws 502 Bad Gateway

ajv · February 4, 2021, 9:05pm

This seems to be a regression of Missing CORS headers for cached /.well-known/jwks.json • Auth0 Status Page

Also linked to No 'Access-Control-Allow-Origin' header is present on the requested resource - #8 by JayWelsh

When trying to authenticate, our <custom-domain>.com/.well-known/jwks.json file throws a CORS error client-side:

Access to fetch at 'https://login.klausapp.com/.well-known/jwks.json' from origin
'https://kibbles.klausapp.com' has been blocked by CORS policy: 
No 'Access-Control-Allow-Origin' header is present on the requested resource.
If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

But when visiting the URL itself, it responds with a 502 Bad Gateway

This means that currently none of our users are able to log in. This is happening on our production tenant.

dan.woda · February 4, 2021, 9:11pm

Hi @ajv ,

We have identified this incident and are investigating. You can track the status here:

https://status.auth0.com/incidents/35zbp16lwqm5

ajv · February 4, 2021, 9:14pm

Thanks for a swift response Dan. Although the status page lists only EU as the affected region, we’re also getting reports from Canada and Texas for this.

dan.woda · February 4, 2021, 9:15pm

Can you please DM me the affected tenant names?

dan.woda · February 4, 2021, 11:04pm

This issue has been resolved. Please open a new topic if you experience any interruptions.