Auth0 Home Blog Docs

Troubleshooting an OIDC Connection to SecureAuth - Discovery URL Not Working

Hey guys! I am trying to setup an OIDC Connection to a SecureAuth provider. When I paste in SecureAuth’s Discovery Endpoint, instead of the green checkbox, I get the red X. Is there any way to troubleshoot the underlying cause of this issue?

Here’s what I’ve tried so far:

  • I can successfully hit the Discovery Endpoint with my browser and I’m getting back the OIDC configuration JSON.
  • Opening the developer window shows that when I paste the discovery endpoint, there’s a GET call to the URL which returns a 200, so I know the endpoint is reachable. Then afterward there’s 2 calls to https://dwh-tracking.it.auth0.com/dwh-metrics. The second call contains a RequestPayload that gives a small clue: en event called “connections:oidc-failed-issuer-urls”.
  • Tried searching the logs, but that doesn’t include API calls.
  • Only other thing I can think of is that the SecureAuth and Auth0 configs have incompatible fields?

Any help / advice would be most appreciated!
Thanks in advance!
Jerry Moore

Hi Jerry,

We are making the request to the metadata endpoint from the browser, so it’s probably a CORS issue, you should see something like this in the Javascript console:

Access to XMLHttpRequest at ‘/.well-known/openid-configuration’ from origin ‘https://manage.auth0.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

We’ll remove that limitation soon. Meanwhile, you can configure the connection using the Management API, something like:

curl \
-H "Authorization: Bearer MGMT_API_ACCESS_TOKEN" -X POST \
-H "Content-Type: application/json" \
-d '{"strategy":"oidc","name":"<CONNECTION_NAME>","options":{"client_id":"<CLIENT_ID>","scopes":"openid","discovery_url":"https:/<ISSUER>/.well-known/openid-configuration"}}' "https://<AUTH0_TENANT>/api/v2/connections"

I hope it helps!

Andres

Hey Andres, I’ll give that a try.
Thanks for your quick response!

Jer

Using the API worked nicely! Thanks again Andres! :smiley:

1 Like

i tried the same way jmimoore, it work nicely, thanks a lot.

just go with instructions and you’ve reached!

@jmicmoore @iraleksandrova1992

We shipped a new iteration of the OIDC connection that does not have this limitation.

New docs are here https://auth0.com/docs/connections/enterprise/oidc