Regression: The .well-known/jwks.json file throws 502 Bad Gateway

This seems to be a regression of Missing CORS headers for cached /.well-known/jwks.json • Auth0 Status Page

Also linked to No 'Access-Control-Allow-Origin' header is present on the requested resource - #8 by JayWelsh

When trying to authenticate, our <custom-domain>.com/.well-known/jwks.json file throws a CORS error client-side:

Access to fetch at '' from origin
'' has been blocked by CORS policy: 
No 'Access-Control-Allow-Origin' header is present on the requested resource.
If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

But when visiting the URL itself, it responds with a 502 Bad Gateway

This means that currently none of our users are able to log in. This is happening on our production tenant.

Hi @ajv ,

We have identified this incident and are investigating. You can track the status here:

1 Like

Thanks for a swift response Dan. Although the status page lists only EU as the affected region, we’re also getting reports from Canada and Texas for this.

Can you please DM me the affected tenant names?

This issue has been resolved. Please open a new topic if you experience any interruptions.

1 Like