Auth0 Home Blog Docs

Token Error on wordpress login with oauth


Since the move to v2 API, it seems it has broken the wordpress plugin.

None of my users can now login, they keep getting a message about invalid token

WP_Auth0_LoginManager::redirect_login => $this->login_user() invalid_grant Invalid authorization code


From what you shared you seem to have updated the Wordpress Auth0 plugin; from which version and to which version did you move? Are there no other information available in logs (both the plugin logs and Auth0 service logs)?


Version 3.5.2

Wordpress and Autho plugin are fully up to date.

I thought the issue arised because Autho plugin needed updated, once I updated the issue still remained

I have attached screenshots


I was able to come up with one situation where I would get similar behavior. If Wordpress is configured to redirect index.php to root path then after authentication you would get redirected to index.php (the plugin would exchange the code here), but Wordpress would redirect to root path (where the plugin would try to exchange the code again; and fail as code can only be used once).

Using the approach described at ( I was able to mitigate this, but the solution may not be applicable to all scenarios. You can confirm if you’re under this situation by checking the network trace in the browser tools, if you see a redirect from index.php?auth0=... to /?auth0=.... then you’re in the same situation. I’m trying to find more about the underlying issue as I believe the redirect in Wordpress is nothing new.


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.