Users cannot login due to custom domain failure

Problem statement

I have configured a custom domain of identity.example.io. It seems to be failing now. No production changes were made recently. As a result, applications are failing and all my users cannot login.

Symptoms

In this scenario, Auth0 may suddenly receive multiple reports from customers.
All of the users of that tenant are suddenly unable to login.
Users that are already logged in report that applications may suddenly fail.

The affected Auth0 customers are distributed across different Auth0 regions and environments.

Troubleshooting

If you have a custom domain that is configured in your tenant, first determine the scope of the problem:

  1. Do all new login attempts fail? Do already logged-in users report that their applications no longer work as expected?

If the answer to both of these questions is ‘Yes’, then there is a strong possibility that the problem may be due to the fact that the custom domain name has failed to resolve correctly in the DNS

Use a command line tool ‘dig’ to check the status of your DNS information.

Example:

dig auth.example.com
  1. If a custom domain is configured in all or any of your environments ( Dev, Stage, Production), are all equally affected by this problem?

  2. If you have applications deployed to different Auth0 regions, are all equally affected by this problem?

Note that if you have a custom domain configured in your tenant but not all applications are configured to take advantage of it, you may see a more mixed pattern. For example:

  • Applications that are configured to use your custom domain may suddenly fail and prohibit login.
  • Other applications which do not rely on custom domain will continue to work as normal

Cause

If your custom domain suddenly stops working, it may well be that there is a problem with your DNS provider.

Solution

Check with your DNS service provider. If you are not sure which provider this is, you can usually find this by performing a DNS lookup or consult your own internal documentation.

Sample incident: on one day in February 2023, Auth0 suddenly received many reports from customers that applications were failing and users were unable to login. The reports came from across multiple Auth0 regions.

A lookup of one of the affected custom domains showed that GoDaddy was the DNS provider.
A check of the GoDaddy status page showed that there was indeed an outage.

For these types of incidents, you should report the problem to your 3rd party DNS service provider and monitor their status page.

If you find that the DNS service provider is working normally, then you should create a support ticket in Support Center ( paid customers only ) or make a report to our Community.

For all serious incidents that fall within the scope of the Auth0 service, be sure to check our Status page here:

https://status.auth0.com/incidents