ROPG Returns Wrong Email or Password


Using the Resource Owner Password flow, an error indicating the wrong usage of mail or password for a valid user is received.


This issue is usually related to the /token endpoint not recognizing the username and password that was sent. Note that Auth0 will not know to which “connection” the user belongs, so if there is more than one connection enabled for the application, please try just enabling that particular connection for the application.

If more than one connection for the application is needed, “realm support” will be required, which is related to sending the “realm” parameter (including the name of the connection the user belongs to in the /token call). More information about this can be found here.