Common Auth0 Library Authentication Errors

The actions or input data of your users, during the sign up or the log in processes, might trigger errors. Here is a list of the most common errors that you might get if you use any of the Auth0 libraries for authentication.

Sign up

In the case of a failed signup, the most common errors are:

Error Description
invalid_password If the password used doesn't comply with the password policy for the connection
invalid_signup The user you are attempting to sign up is invalid
password_dictionary_error The chosen password is too common
password_no_user_info_error The chosen password is based on user information
password_strength_error The chosen password is too weak
unauthorized If you cannot sign up for this application. May have to do with the violation of a specific rule
user_exists The user you are attempting to sign up has already signed up
username_exists The username you are attempting to sign up with is already in use

Log in

In the case of a failed login, the most common errors are:

Error Description
access_denied When using web-based authentication, the resource server denies access per OAuth2 specifications
invalid_user_password The username and/or password used for authentication are invalid
mfa_invalid_code The multi-factor authentication (MFA) code provided by the user is invalid/expired
mfa_registration_required The administrator has required multi-factor authentication, but the user has not enrolled
mfa_required The user must provide the multi-factor authentication code to authenticate
password_leaked If the password has been leaked and a different one needs to be used
PasswordHistoryError The password provided for sign up/update has already been used (reported when password history feature is enabled)
PasswordStrengthError The password provided does not match the connection's strength requirements
too_many_attempts The account is blocked due to too many attempts to sign in
unauthorized The user you are attempting to sign in with is blocked

Learn more