"The security token included in the request is invalid" error when sending email from AWS SES Email provider

Last Updated: Nov 5, 2024

Overview

After configuring SES as the SMTP provider, email delivery is failing and the following error log is shown:

The security token included in the request is invalid.

Applies To

  • AWS SES
  • SMTP
  • Email provider

Cause

If the SES credentials appear correct and have not been updated recently by another admin, this may come down to behavior from a Password Manager installed on an admin’s browser.

Password managers may have an option enabled to autofill passwords, and it can mistakenly fill in and update the credentials added to the Auth0 Dashboard Email provider settings when accessing that page.

If this is the case, dashboard tenant logs may have an 'Update the email provider’ log indicating a change has been made to that configuration.

Solution

  1. Disable password manager autofill and auto-submit.
  2. Add the correct credentials as needed.