Salesforce Community Social Login Fails with the Error UNABLE_TO_VERIFY_LEAF_SIGNATURE

kristi.davis · July 11, 2025, 8:09pm

Overview

When a user attempts to authenticate on the Salesforce login screen, it initially appears that authentication is successful. Auth0 receives the code and state in the callback, but the flow immediately fails. In the Datadog logs, the following error is generated.

UNABLE_TO_VERIFY_LEAF_SIGNATURE

On the client side, the following error is generated.

{

“error”: “invalid_request”,

“error_description”: “failed to obtain access token”

}

Applies To

Auth0 Salesforce Social Connection

Cause

This issue occurs because the certificate chain presented by the remote IdP server (Salesforce) is either incomplete, self-signed, or not issued by a Certificate Authority (CA) that the Anypoint Platform trusts.

This is a Salesforce-side issue and must be addressed by the Salesforce team.

Solution

To resolve this issue, contact Salesforce Support to correct the certificate related problem.

Related References

Salesforce Help Article

Topic		Replies	Views
Can't make SSO integration to Salesforce Community Get Help auth0 , sso , rules , login , salesforce	4	9450	February 19, 2020
Salesforce Integration Access Token Invalid Get Help connections , other-built-in-social-connections	2	1314	January 4, 2024
Custom Social Connection Fails to Obtain Access Token Knowledge Articles social-connections , custom , opaque-access-token-and-authorizat , indeed	1	1568	April 12, 2023
Regarding SalesLoft 0Auth Login through Auth0 Integration Help auth0 , social-connections	0	746	September 26, 2023
Custom social connection - Failed to obtain access token Get Help user-management , account-linking	3	90	April 9, 2025