The actions or input data of your users, during the sign up or the log in processes, might trigger errors. Here is a list of the most common errors that you might get if you use any of the Auth0 libraries for authentication.

Sign up

In the case of a failed signup, the most common errors are:
ErrorDescription
invalid_passwordIf the password used doesn’t comply with the password policy for the connection
invalid_signupThe user you are attempting to sign up is invalid
password_dictionary_errorThe chosen password is too common
password_no_user_info_errorThe chosen password is based on user information
password_strength_errorThe chosen password is too weak
unauthorizedIf you cannot sign up for this application. May have to do with the violation of a specific rule
user_existsThe user you are attempting to sign up has already signed up
username_existsThe username you are attempting to sign up with is already in use

Log in

In the case of a failed login, the most common errors are:
ErrorDescription
access_deniedWhen using web-based authentication, the resource server denies access per OAuth2 specifications
invalid_user_passwordThe username and/or password used for authentication are invalid
mfa_invalid_codeThe code provided by the user is invalid/expired
mfa_registration_requiredThe administrator has required multi-factor authentication, but the user has not enrolled
mfa_requiredThe user must provide the multi-factor authentication code to authenticate
password_leakedIf the password has been leaked and a different one needs to be used
PasswordHistoryErrorThe password provided for sign up/update has already been used (reported when password history feature is enabled)
PasswordStrengthErrorThe password provided does not match the connection’s strength requirements
too_many_attemptsThe account is blocked due to too many attempts to sign in
unauthorizedThe user you are attempting to sign in with is blocked

Learn more